CVE-2024-53702
published 2024-12-05CVE-2024-53702: Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases…
PriorityP426medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.34%
25.9th percentile
Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sma | — | — |
| sonicwall | sma100 | — | — |
| sonicwall | sma_200_firmware | < 10.2.1.14-75sv | 10.2.1.14-75sv |
| sonicwall | sma_210_firmware | < 10.2.1.14-75sv | 10.2.1.14-75sv |
| sonicwall | sma_400_firmware | < 10.2.1.14-75sv | 10.2.1.14-75sv |
| sonicwall | sma_410_firmware | < 10.2.1.14-75sv | 10.2.1.14-75sv |
| sonicwall | sma_500v_firmware | < 10.2.1.14-75sv | 10.2.1.14-75sv |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r2f4-w3vh-wpxj: Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certai
ghsa_unreviewed·2024-12-05
CVE-2024-53702 [MEDIUM] CWE-338 GHSA-r2f4-w3vh-wpxj: Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certai
Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.
SonicWall
CVE-2024-53702: Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certai
vendor_sonicwall·2024-12-05·CVSS 5.3
CVE-2024-53702 [MEDIUM] CWE-338 CVE-2024-53702: Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certai
CVE-2024-53702: Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-12-05
Published