CVE-2024-53702: Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in...

0.0 CVSS

Description

Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.

Classification

CVE ID: CVE-2024-53702

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: SonicWall

Product: SMA100

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018

Timeline

2024-12-06 00:32:16 UTC
CVE

Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in...