Run static analysis (SAST) on the codebase looking for the unsafe pattern in the data flow.
CWE-323 Base Incomplete
Reusing a Nonce, Key Pair in Encryption
This vulnerability occurs when a cryptographic nonce or key pair is reused, compromising the security of the encrypted data.
Definition
What is CWE-323?
This vulnerability occurs when a cryptographic nonce or key pair is reused, compromising the security of the encrypted data.
In cryptography, a nonce (number used once) is a random or pseudo-random value that should be used for a single encryption session or transaction. Reusing it, or reusing the same key pair in a similar context, can allow attackers to decrypt messages, forge authentication, or break the encryption scheme entirely. This fundamentally undermines the security guarantees that modern encryption is designed to provide.
To prevent this, developers must ensure nonces and ephemeral key pairs are generated uniquely for every single operation. Implement systems that securely manage state to guarantee no value is repeated, and prefer using well-vetted cryptographic libraries that handle this automatically, rather than attempting custom implementations.
Real-world impact
Real-world CVEs caused by CWE-323
No public CVE references are linked to this CWE in MITRE's catalog yet.
How attackers exploit it
Step-by-step attacker path
- 1
This code takes a password, concatenates it with a nonce, then encrypts it before sending over a network:
- 2
Because the nonce used is always the same, an attacker can impersonate a trusted party by intercepting and resending the encrypted password. This attack avoids the need to learn the unencrypted password.
- 3
This code sends a command to a remote server, using an encrypted password and nonce to prove the command is from a trusted party:
- 4
Once again the nonce used is always the same. An attacker may be able to replay previous legitimate commands or execute new arbitrary commands.
Vulnerable code example
Vulnerable C
This code takes a password, concatenates it with a nonce, then encrypts it before sending over a network:
void encryptAndSendPassword(char *password){
char *nonce = "bad";
...
char *data = (unsigned char*)malloc(20);
int para_size = strlen(nonce) + strlen(password);
char *paragraph = (char*)malloc(para_size);
SHA1((const unsigned char*)paragraph,parsize,(unsigned char*)data);
sendEncryptedData(data)
} Secure code example
Secure pseudo
// Validate, sanitize, or use a safe API before reaching the sink.
function handleRequest(input) {
const safe = validateAndEscape(input);
return executeWithGuards(safe);
} What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Prevention checklist
How to prevent CWE-323
- Implementation Refuse to reuse nonce values.
- Implementation Use techniques such as requiring incrementing, time based and/or challenge response to assure uniqueness of nonces.
Detection signals
How to detect CWE-323
Run dynamic application security testing against the live endpoint.
Watch runtime logs for unusual exception traces, malformed input, or authorization bypass attempts.
Code review: flag any new code that handles input from this surface without using the validated framework helpers.
Plexicus auto-detects CWE-323 and opens a fix PR in under 60 seconds.
Codex Remedium scans every commit, identifies this exact weakness, and ships a reviewer-ready pull request with the patch. No tickets. No hand-offs.
Frequently asked questions What is CWE-323?
How serious is CWE-323?
What languages or platforms are affected by CWE-323?
How can I prevent CWE-323?
How does Plexicus detect and fix CWE-323?
Where can I learn more about CWE-323?
Frequently asked questions
What is CWE-323?
This vulnerability occurs when a cryptographic nonce or key pair is reused, compromising the security of the encrypted data.
How serious is CWE-323?
MITRE rates the likelihood of exploit as High — this weakness is actively exploited in the wild and should be prioritized for remediation.
What languages or platforms are affected by CWE-323?
MITRE has not specified affected platforms for this CWE — it can apply across most application stacks.
How can I prevent CWE-323?
Refuse to reuse nonce values. Use techniques such as requiring incrementing, time based and/or challenge response to assure uniqueness of nonces.
How does Plexicus detect and fix CWE-323?
Plexicus's SAST engine matches the data-flow signature for CWE-323 on every commit. When a match is found, our Codex Remedium agent opens a fix PR with the corrected code, tests, and a one-line summary for the reviewer.
Where can I learn more about CWE-323?
MITRE publishes the canonical definition at https://cwe.mitre.org/data/definitions/323.html. You can also reference OWASP and NIST documentation for adjacent guidance.
Related weaknesses
Weaknesses related to CWE-323
CWE-344 Parent
Use of Invariant Value in Dynamically Changing Context
This vulnerability occurs when code uses a fixed, unchanging value (like a hardcoded string, number, or reference) in a situation where…
CWE-587 Sibling
Assignment of a Fixed Address to a Pointer
This vulnerability occurs when code explicitly assigns a hardcoded memory address to a pointer, instead of using a dynamic or null value.
CWE-798 Sibling
Use of Hard-coded Credentials
This vulnerability occurs when software contains built-in, unchangeable authentication secrets like passwords or encryption keys within…
Ready when you are
Stop paying per developer.
Start closing the loop.
Plexicus is the AI-native ASPM that scans, filters, fixes, pentests, and explains — autonomously. Unlimited developers, unlimited repos, fair-use AI actions. Real free tier, €269/mo annual when you're ready.