CVE-2026-41858
Status: Received - Intake
Weak Randomness in BOSH-Ecosystem Windows Utilities Allows Password Recovery

Publication date: 2026-06-04

Last updated on: 2026-06-04

Assigner: VMware

Description
Weak Randomness / Insecure Cryptographic Primitive (CWE-338) in Get-RandomPassword in BOSH-Ecosystem / windows-utilities-release allows a network attacker who can estimate VM boot time to reconstruct a small candidate list and recover the local Administrator password.

The randomize_password job exists solely to lock the local Administrator account behind an unguessable password as a hardening control. Because the password is derived from a predictable, clock-seeded PRNG, the effective search space is not the nominal password space but the set of plausible seeds, and that set is bounded by the attacker's uncertainty about when the VM booted. An attacker who can estimate the boot time can enumerate the candidate seeds, regenerate the password each seed would produce, and try the resulting short list against the Administrator account, defeating the hardening control.

Affected versions:
- windows-utilities-release: all versions before v0.23.0; fixed in v0.23.0 or later
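The following PowerShell is an added example, not code from windows-utilities-release, and it does not reproduce the real Get-RandomPassword: the seeding scheme (System.Random seeded with the whole-second boot timestamp), the character set, the 16-character length and the function names are all assumptions chosen to illustrate the CWE-338 failure mode described above. It shows a clock-seeded generator, how an attacker who knows the boot time only approximately rebuilds a candidate list that still contains the password, and a replacement that draws from the operating system's CSPRNG so there is no seed to guess:

```powershell
# Added example (not windows-utilities-release code). The seeding scheme, charset,
# length and function names are assumptions for illustration only.

$Charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'

# Weak: System.Random seeded from a whole-second boot timestamp (assumed scheme).
# The same seed always yields the same password on a given .NET runtime.
function Get-WeakPassword {
    param([int]$Seed, [int]$Length = 16)
    $rng = [System.Random]::new($Seed)
    $chars = foreach ($i in 1..$Length) { $Charset[$rng.Next(0, $Charset.Length)] }
    return -join $chars
}

# Attacker: given an estimated boot time and an error window in seconds, enumerate
# every candidate seed and rebuild the password each one would have produced.
function Get-CandidatePasswords {
    param([datetime]$EstimatedBoot, [int]$WindowSeconds = 300, [int]$Length = 16)
    $base = [int]([datetimeoffset]$EstimatedBoot).ToUnixTimeSeconds()
    foreach ($offset in (-$WindowSeconds)..$WindowSeconds) {
        Get-WeakPassword -Seed ($base + $offset) -Length $Length
    }
}

# Hardened: bytes from the OS CSPRNG with rejection sampling, so there is no seed
# to estimate and no modulo bias across the 62-character alphabet.
function Get-StrongPassword {
    param([int]$Length = 16)
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buf   = New-Object byte[] 1
    $limit = 256 - (256 % $Charset.Length)   # largest multiple of 62 that fits in a byte
    $chars = New-Object System.Collections.Generic.List[char]
    while ($chars.Count -lt $Length) {
        $rng.GetBytes($buf)
        if ($buf[0] -lt $limit) { $chars.Add($Charset[$buf[0] % $Charset.Length]) }
    }
    $rng.Dispose()
    return -join $chars
}

# Demonstration with a constructed boot time: the VM booted at a known second, the
# attacker's estimate is off by 37 seconds, and the real password is still inside
# the 601-entry candidate list the attacker can try against the account.
$trueBoot   = [datetime]::new(2026, 6, 4, 8, 15, 42, [DateTimeKind]::Utc)
$trueSeed   = [int]([datetimeoffset]$trueBoot).ToUnixTimeSeconds()
$password   = Get-WeakPassword -Seed $trueSeed
$candidates = @(Get-CandidatePasswords -EstimatedBoot $trueBoot.AddSeconds(37))
"Weak password: $password"
"Candidates tried: $($candidates.Count); recovered: $($candidates -contains $password)"
"CSPRNG password (not reproducible from any clock): $(Get-StrongPassword)"
```

Run it in Windows PowerShell 5.1 or PowerShell 7. The recovery step relies on the attacker reproducing the same seeded System.Random sequence, which is deterministic for a given seed on a given .NET runtime. A window of plus or minus 300 seconds yields 601 candidates, a trivial search against a local account compared with the nominal 62^16 password space; a finer-grained clock seed widens the window only linearly, so the candidate list stays small as long as the seed is bounded by boot-time uncertainty. The hardened function uses rejection sampling so that mapping bytes onto a 62-character alphabet does not bias the output.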
CVSS Scores: none listed
EPSS Scores: none listed
Meta Information
Published: 2026-06-04
Last Modified: 2026-06-04
Generated: 2026-06-04
AI Q&A: 2026-06-04
EPSS Evaluated: N/A
External entries: NVD, EUVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor: vmware
Product: windows_utilities_release
Version / Range: all versions up to, but excluding, 0.23.0
CWE-338: The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-41858 is a vulnerability in the windows-utilities-release component of the BOSH-Ecosystem. It involves weak randomness due to an insecure cryptographic primitive in the Get-RandomPassword function. Specifically, the password for the local Administrator account is generated using a predictable, clock-seeded pseudo-random number generator (PRNG). Because of this, a network attacker who can estimate the virtual machine (VM) boot time can reconstruct a small list of possible passwords and recover the Administrator password, defeating the intended security control.


How can this vulnerability impact me?

This vulnerability allows a network attacker to recover the local Administrator password by exploiting the predictable password generation process. Once the attacker recovers the Administrator password, they can gain unauthorized administrative access to the affected system. This compromises the security of the system by defeating the hardening control intended to protect the Administrator account.


What immediate steps should I take to mitigate this vulnerability?

Upgrade windows-utilities-release to v0.23.0 or later and redeploy the affected Windows instance groups so that the randomize_password job regenerates the Administrator password with the fixed Get-RandomPassword. Treat any Administrator password generated by a vulnerable version as recoverable: it was derived from a predictable seed, and upgrading the release alone does not change a password that has already been set. Until the upgrade is complete, restrict network reachability of the affected VMs, since the attack is carried out by a network attacker.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

