CVE-2024-36048

9.8 CRITICAL

📋 TL;DR

This vulnerability in Qt Network Authorization's QAbstractOAuth uses only system time to seed the pseudo-random number generator (PRNG), making generated values predictable. Attackers could guess authentication tokens, session IDs, or cryptographic nonces, potentially bypassing security controls. Applications using Qt's OAuth implementation for authentication or secure communications are affected.
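The defect described above, reduced to its core, as an added illustration (not Qt's own code; Qt's types are replaced with standard C++ so it builds without Qt, and the class names nonce_seeded_by_time and nonce_from_os_entropy are assumptions): a PRNG seeded only with the clock reproduces the same nonce for the same second, while a generator drawing from the OS entropy source (std::random_device here; QRandomGenerator::system() is the Qt equivalent) does not.

```cpp
// Added illustration (not Qt's code): why seeding a PRNG with the clock
// makes OAuth nonces predictable, and what a fixed generator looks like.
#include <cstdint>
#include <ctime>
#include <random>
#include <string>

static const char HEX[] = "0123456789abcdef";

// Render 'bytes' random bytes drawn from 'gen' as lowercase hex.
template <typename Gen>
static std::string hex_nonce(Gen& gen, std::size_t bytes) {
    std::string out;
    out.reserve(bytes * 2);
    for (std::size_t i = 0; i < bytes; ++i) {
        std::uint32_t v = static_cast<std::uint32_t>(gen()) & 0xFF;
        out.push_back(HEX[v >> 4]);
        out.push_back(HEX[v & 0x0F]);
    }
    return out;
}

// Vulnerable pattern: the only entropy is a timestamp in seconds, so the
// whole nonce is determined by when it was made.
std::string nonce_seeded_by_time(std::time_t seed_time, std::size_t bytes = 16) {
    std::mt19937 gen(static_cast<std::uint32_t>(seed_time));
    return hex_nonce(gen, bytes);
}

// Hardened pattern: draw from the OS entropy source instead of the clock.
// (Qt equivalent: QRandomGenerator::system(); std::random_device is used here
// so the example builds without Qt.)
std::string nonce_from_os_entropy(std::size_t bytes = 16) {
    std::random_device rd;
    return hex_nonce(rd, bytes);
}

// Defender's check: a nonce source is unsafe if re-seeding with the same clock
// value reproduces it. Returns true when the two runs collide.
bool reproducible_from_same_seed(std::time_t seed_time) {
    return nonce_seeded_by_time(seed_time) == nonce_seeded_by_time(seed_time);
}

int main() {
    std::time_t now = std::time(nullptr);
    bool weak = reproducible_from_same_seed(now);          // true: clock decides
    bool strong_differs = nonce_from_os_entropy() != nonce_from_os_entropy();
    return (weak && strong_differs) ? 0 : 1;
}
```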

💻 Affected Systems

Products:
  • Qt Network Authorization
  • Applications using Qt's QAbstractOAuth
Versions: Qt 5.x before 5.15.17, Qt 6.x before 6.2.13, Qt 6.3.x through 6.5.x before 6.5.6, Qt 6.6.x through 6.7.x before 6.7.1
Operating Systems: All platforms running affected Qt versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only applications using QAbstractOAuth for OAuth authentication are vulnerable. Applications not using Qt Network Authorization or not implementing OAuth via QAbstractOAuth are not affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete authentication bypass allowing unauthorized access to user accounts, data theft, or privilege escalation in applications relying on Qt's OAuth implementation for security.

🟠

Likely Case

Session hijacking or token prediction enabling unauthorized API access, data leakage, or account compromise in vulnerable applications.

🟢

If Mitigated

Limited impact if additional authentication layers, rate limiting, or token validation mechanisms are in place alongside the vulnerable component.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires predicting PRNG outputs based on timing, which is theoretically straightforward but depends on application implementation details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Qt 5.15.17, 6.2.13, 6.5.6, 6.7.1

Vendor Advisory: https://codereview.qt-project.org/c/qt/qtnetworkauth/+/560317

Restart Required: Yes

Instructions:

1. Identify the Qt version in use.
2. Update to a patched version: Qt 5.15.17, 6.2.13, 6.5.6, or 6.7.1.
3. Recompile applications against the updated Qt libraries.
4. Redeploy the updated applications.
5. Restart services using Qt Network Authorization.

🔧 Temporary Workarounds

Disable QAbstractOAuth Usage

all

Temporarily disable or replace Qt's OAuth implementation with alternative authentication mechanisms.

Implement Additional Token Validation

all

Add server-side validation of OAuth tokens beyond what Qt provides, including timestamp checks and rate limiting.

🧯 If You Can't Patch

  • Isolate vulnerable applications behind network segmentation to limit attack surface.
  • Implement Web Application Firewall (WAF) rules to detect and block suspicious authentication patterns.

🔍 How to Verify

Check if Vulnerable:

Check the Qt version with qmake --version or by examining the Qt installation directory, and verify whether the application uses QAbstractOAuth by reviewing its source code or dependencies.

Check Version:

qmake --version

Verify Fix Applied:

Confirm the Qt version is at least 5.15.17 (5.x), 6.2.13 (6.2.x), 6.5.6 (6.3.x through 6.5.x), or 6.7.1 (6.6.x through 6.7.x). Test OAuth functionality to confirm that tokens and nonces are generated from a non-predictable random source.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts with predictable token patterns
  • Unusual OAuth token reuse or timing anomalies

Network Indicators:

  • Rapid sequential authentication requests to OAuth endpoints
  • Predictable token values in authentication traffic

SIEM Query (illustrative pseudo-query; adapt the source and field names to your log schema):

source="oauth_logs" AND (token_pattern="predictable" OR auth_attempts>10/minute)

🔗 References
