Insufficient Entropy Vulnerability in SecuSUITE Secure Client Authentication Server by BlackBerry
CVE-2024-51720

Currently unrated

Key Information:

Vendor: BlackBerry
Status: SecuSUITE Secure Client Authentication (SCA) Server
Vendor: CVE Published:; 12 November 2024

What is CVE-2024-51720?

The SecuSUITE Secure Client Authentication (SCA) Server has a vulnerability that stems from insufficient entropy, potentially enabling attackers to enroll unauthorized devices to victims' accounts and phone numbers. This flaw affects SecuSUITE versions 5.0.420 and earlier, posing risks to user security and privacy. Organizations utilizing this software should assess potential exposure and implement necessary mitigations.

References

https://support.blackberry.com/pkb/s/article/140220

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2024