CVE-2024-53702
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-53702 is a newly disclosed vulnerability affecting SonicWall SMA100 SSLVPN backup code generator. This issue is caused by the use of a cryptographically weak pseudo-random number generator (PRNG) in the backup process. An attacker who gains access to the system can predict the generated secret in certain cases, potentially exposing the backup data. This weakness in the PRNG can lead to unauthorized access to sensitive information, making it a significant security concern for organizations using SonicWall SMA100 SSLVPN. It is crucial for users to apply the necessary patches as soon as they become available to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- SonicWall Inc.