{"id":"CVE-2022-29245","summary":"Weak private key generation in SSH.NET","details":"SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an `X25519` key exchange, the client’s private key is generated with `System.Random`. `System.Random` is not a cryptographically secure random number generator and must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an attacker who is able to eavesdrop on the communications to decrypt them. Version 2020.0.2 contains a patch for this issue. As a workaround, one may disable support for `curve25519-sha256` and `curve25519-sha256@libssh.org` key exchange algorithms.","aliases":["GHSA-72p8-v4hg-v45p"],"modified":"2026-04-10T04:47:19.281409Z","published":"2022-05-31T16:35:11Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/29xxx/CVE-2022-29245.json","cwe_ids":["CWE-338"],"cna_assigner":"GitHub_M"},"references":[{"type":"WEB","url":"https://github.com/sshnet/SSH.NET/blob/bc99ada7da3f05f50d9379f2644941d91d5bf05a/src/Renci.SshNet/Security/KeyExchangeECCurve25519.cs#L51"},{"type":"WEB","url":"https://github.com/sshnet/SSH.NET/releases/tag/2020.0.2"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/29xxx/CVE-2022-29245.json"},{"type":"ADVISORY","url":"https://github.com/sshnet/SSH.NET/security/advisories/GHSA-72p8-v4hg-v45p"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29245"},{"type":"FIX","url":"https://github.com/sshnet/SSH.NET/commit/03c6d60736b8f7b42e44d6989a53f9b644a091fb"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sshnet/ssh.net","events":[{"introduced":"f48093713f2367b5e1d9b3d18e3e89eb4049efab"},{"fixed":"f1f273cf349532b9d41c1de51d3b83a9accedc88"}]}],"versions":["2020.0.0","2020.0.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29245.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}]}