Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/06/2023 Updated: 07/07/2023

CVSS v3 Base Score: 2.4 | Impact Score: 1.4 | Exploitability Score: 0.9

VMScore: 0

A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. This issue was observed for use of the following versions of Democracy Suite: 5.2, 5.4-NM, 5.5, 5.5-A, 5.5-B, 5.5-C, 5.5-D, 5.7-A, 5.10, 5.10A, 5.15. NOTE: the Democracy Suite 5.17 EAC Certificate of Conformance mentions "Improved pseudo random number algorithm," which may be relevant.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dominionvoting democracy suite 5.5-a
dominionvoting democracy suite 5.2
dominionvoting democracy suite 5.4-nm
dominionvoting democracy suite 5.5
dominionvoting democracy suite 5.5-b
dominionvoting democracy suite 5.5-c
dominionvoting democracy suite 5.5-d
dominionvoting democracy suite 5.7-a
dominionvoting democracy suite 5.10
dominionvoting democracy suite 5.10a
dominionvoting democracy suite 5.15

CWE-338 https://www.eac.gov/voting-equipment/democracy-suite-517 https://freedom-to-tinker.com/2023/06/14/security-analysis-of-the-dominion-imagecast-x/https://dvsorder.org https://www.eac.gov/sites/default/files/voting_system/files/D-Suite%205.17%20Certificate%20and%20Scope%20SIGNED.pdf https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-48506

Vulnerability Summary

References

Vulmon Search

About

Products

Connect