01 Summary
This weakness occurs when a PRNG is initialized with a seed value that an attacker can predict or reproduce — such as the current time, process ID, or other easily observable system state. Because PRNGs are deterministic, knowing the seed allows an attacker to predict every "random" number the generator will produce, defeating the security purpose of randomness in cryptographic tokens, session IDs, password resets, and other security-critical operations.
02 How It Happens
Pseudo-random number generators are deterministic algorithms: given the same seed, they always produce the same sequence of outputs. This is useful for testing and simulation, but dangerous for security. When a developer seeds a PRNG with a value that an attacker can guess or observe — such as time(), the process ID, or a combination of easily known values — the attacker can reproduce the entire sequence of "random" numbers offline. This is especially critical in cryptographic contexts where randomness is the only barrier between an attacker and a valid token or key.
The vulnerability is often introduced by developers who assume that a PRNG is inherently unpredictable, or who use convenience functions designed for simulation and games (such as random.seed(time.time()) in Python or mt_rand() in PHP) without understanding their limitations. A predictable seed is the most direct failure, but an unpredictable seed is not sufficient on its own: non-cryptographic generators such as Mersenne Twister (Python's random module, PHP's mt_rand()) and libc's rand() leak their internal state through their outputs, so anyone who observes enough values can reconstruct the stream regardless of how it was seeded. Security-sensitive values must therefore come from a CSPRNG backed by the operating system (secrets or os.urandom in Python, random_bytes() in PHP, getrandom(2) or /dev/urandom on Linux), which has no application-visible seed to guess.
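The attack described above, as an added worked example in Python (this is illustrative code written for this page, not code from any real product). It assumes a hypothetical server that seeds Mersenne Twister once with its start-up time, the equivalent of random.seed(time.time()), and then issues password-reset tokens from that generator. The attacker requests a reset for their own account, obtains one legitimately issued token, estimates the server's start time to within an hour (for example from an HTTP Date header or an uptime banner), and brute-forces the seed over that window. Once the seed is found, the next token in the stream, which would be issued to the victim, is known in advance. The hardened version simply draws from the OS CSPRNG via the secrets module.

```python
import random
import secrets

TOKEN_LEN = 16
ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"


def _token_from_rng(rng):
    """Draw one token from a random.Random instance. The vulnerable server and
    the attacker must use the same derivation for the attack to work."""
    return "".join(rng.choice(ALPHABET) for _ in range(TOKEN_LEN))


def vulnerable_tokens(server_start_time, count):
    """Hypothetical vulnerable server (constructed for this example): seeds
    Mersenne Twister with its start-up timestamp, the same thing as
    random.seed(time.time()), and hands out reset tokens from that one stream.
    Seeding with the float instead of the int only multiplies the attacker's
    search space by a few million per second, which is still trivial."""
    rng = random.Random(int(server_start_time))
    return [_token_from_rng(rng) for _ in range(count)]


def recover_seed(observed_token, approx_time, window_seconds=3600, max_position=16):
    """Attacker side. approx_time is the attacker's estimate of the seed time;
    every integer second in [approx_time - window, approx_time + window] is
    tried, and for each candidate seed the first max_position tokens are
    regenerated and compared with the token the attacker legitimately received.
    Returns (seed, position of the observed token, next token in the stream),
    or None if no candidate reproduces the observation."""
    lo = int(approx_time) - window_seconds
    hi = int(approx_time) + window_seconds
    for seed in range(lo, hi + 1):
        rng = random.Random(seed)
        for position in range(max_position):
            if _token_from_rng(rng) == observed_token:
                # The generator is now positioned exactly where the server's is,
                # so the next draw is the token the server will issue next.
                return seed, position, _token_from_rng(rng)
    return None


def secure_token():
    """Fix: take the token from the OS CSPRNG. There is no seed for the
    attacker to recover and no state that leaks through previous outputs."""
    return secrets.token_urlsafe(24)


if __name__ == "__main__":
    # Constructed scenario: server started at a fixed epoch second, issued four
    # tokens; the attacker holds the second one and knows the start time to
    # within ten minutes.
    server_start = 1_700_000_000
    issued = vulnerable_tokens(server_start, 4)
    result = recover_seed(issued[1], server_start + 300, window_seconds=600)
    print("recovered seed, position, predicted next token:", result)
    print("victim's actual next token:", issued[2])
    print("CSPRNG token (not reproducible this way):", secure_token())
```

The search is cheap: a one-hour window at one-second granularity is only 7,201 candidate seeds, and each candidate is rejected after regenerating a handful of tokens. Restricting the attacker to a single observed token rather than several is deliberate; one leaked value is all that is needed when the entire stream is a function of a guessable seed.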
03 Real-World Impact
An attacker who can predict the PRNG output can forge session tokens, password-reset links, CSRF tokens, or cryptographic nonces. This can lead to account takeover, unauthorized actions on behalf of legitimate users, or bypass of security controls that rely on unpredictable values. The severity depends on what the predicted values protect — a predictable session token is a direct path to account compromise.
06 Signs You May Already Be Affected
Look for use of random.seed(), mt_srand(), srand(), or similar manual seeding in security-sensitive code paths, especially where the seed is derived from time(), getpid(), or a constant. Flag any token, session ID, nonce, or key that is built from a non-cryptographic generator at all (rand(), mt_rand(), Python's random module, java.util.Random), since the seed is not the only weak point. Check logs for repeated or predictable token values, for the same token sequence reappearing after a service restart or across instances started at the same time, or for multiple password-reset or session tokens that follow a mathematical pattern. If an attacker has reported being able to forge tokens or predict session IDs, this weakness may be the root cause.