Insufficient Entropy Vulnerability in SecuSUITE Secure Client Authentication Server by BlackBerry
CVE-2024-51720

4.8MEDIUM

Key Information:

Vendor: Blackberry
Status: Secusuite
Vendor: CVE Published:; 12 November 2024

What is CVE-2024-51720?

The SecuSUITE Secure Client Authentication (SCA) Server has a vulnerability that stems from insufficient entropy, potentially enabling attackers to enroll unauthorized devices to victims' accounts and phone numbers. This flaw affects SecuSUITE versions 5.0.420 and earlier, posing risks to user security and privacy. Organizations utilizing this software should assess potential exposure and implement necessary mitigations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SecuSUITE 5.0.420

References

https://support.blackberry.com/pkb/s/article/140220

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024

JSON

Blackberry