CVE-2026-46474 Overview
CVE-2026-46474 affects Trog::TOTP versions before 1.006 for Perl. The module generates Time-based One-Time Password (TOTP) secrets using Perl's built-in rand function. This function is not cryptographically secure and produces predictable output. Attackers who can predict the pseudo-random sequence can reconstruct TOTP secrets and bypass two-factor authentication. The flaw maps to [CWE-331: Insufficient Entropy]. The Exploit Prediction Scoring System (EPSS) rates this issue at 0.038% with a percentile of 11.4.
Critical Impact
Predictable secret generation allows attackers to derive TOTP secrets and defeat the second authentication factor for accounts protected by the affected library.
Affected Products
- Trog::TOTP Perl module versions prior to 1.006
- Applications that depend on Trog::TOTP for two-factor authentication secret provisioning
- Distributions published through CPAN under author TEODESIAN
Discovery Timeline
- 2026-05-15 - CVE-2026-46474 published to the National Vulnerability Database (NVD)
- 2026-05-15 - Disclosure posted to the Openwall OSS Security list
- 2026-05-18 - Last updated in the NVD database
Technical Details for CVE-2026-46474
Vulnerability Analysis
Trog::TOTP implements TOTP secret generation in lib/Trog/TOTP.pm. Versions before 1.006 call Perl's built-in rand function to produce the bytes that become the shared secret. Perl's rand is a non-cryptographic pseudo-random number generator (PRNG) seeded from limited entropy sources. Its output stream is deterministic once the seed is known or recovered.
An attacker who observes a small amount of generator output, or who can constrain the seed space, can replay the PRNG and derive the secret material issued to a user. With the secret recovered, the attacker can compute valid TOTP codes at any time. This converts the second authentication factor into a single point of failure rather than an independent control.
The weakness is classified as Insecure Random Number Generation under [CWE-331]. Network exploitability is possible because TOTP secrets enrolled remotely or transmitted through enrollment workflows can be targeted without local access. Refer to the MetaCPAN release diff for the patched function.
Root Cause
The root cause is the use of rand to generate cryptographic material. rand is documented as unsuitable for security purposes. The library should source secrets from a cryptographically secure PRNG such as Crypt::URandom or /dev/urandom.
Attack Vector
The attack vector is network-based and requires no authentication or user interaction. An attacker who can predict the PRNG state derives the TOTP secret and produces valid one-time codes. This enables account takeover when combined with valid primary credentials.
No verified public exploit code is available. The vulnerability mechanism is described in the MetaCPAN release changes.
Detection Methods for CVE-2026-46474
Indicators of Compromise
- Repeated successful TOTP validations from new geographies or devices immediately after enrollment
- Authentication events where the same TOTP code is reused or where codes succeed outside expected time skew windows
- Presence of Trog::TOTP versions earlier than 1.006 in CPAN dependency manifests such as cpanfile, Makefile.PL, or META.json
Detection Strategies
- Inventory all Perl applications and scan installed module versions with cpan -l or corelist style tooling to flag Trog::TOTP < 1.006
- Audit application source for direct calls to rand in any authentication or secret-generation path
- Correlate multi-factor authentication (MFA) success events with primary credential failures or password spraying patterns
Monitoring Recommendations
- Log every TOTP enrollment and validation event with user, source IP, and timestamp
- Alert on TOTP successes that follow primary authentication failures from unrelated source addresses
- Track CPAN dependency drift in CI/CD pipelines and fail builds on vulnerable Trog::TOTP versions
How to Mitigate CVE-2026-46474
Immediate Actions Required
- Upgrade Trog::TOTP to version 1.006 or later across all production and development environments
- Invalidate and re-enroll all TOTP secrets generated by vulnerable versions, as existing secrets remain predictable after the upgrade
- Review authentication logs since the deployment of any vulnerable version for signs of unauthorized MFA success
Patch Information
The maintainer released Trog::TOTP 1.006, which replaces the use of rand with a cryptographically secure source. Review the patched code in the MetaCPAN release diff and the release changes.
Workarounds
- If immediate upgrade is not possible, replace the secret generation call with a wrapper that reads from Crypt::URandom::urandom or /dev/urandom
- Temporarily disable TOTP enrollment for new users until the patched version is deployed
- Enforce additional authentication signals such as device binding or conditional access to reduce reliance on the TOTP factor
# Upgrade Trog::TOTP to the patched release
cpanm Trog::TOTP@1.006
# Verify installed version
perl -MTrog::TOTP -E 'say $Trog::TOTP::VERSION'
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
