1. Home
  2. CVE Database
  3. CVE-2024-53702
MEDIUM · 5.3

CVE-2024-53702

Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentia...

Vulnerability Description

Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
SonicwallSma 200 Firmware< 10.2.1.14-75sv
SonicwallSma 200-
SonicwallSma 210 Firmware< 10.2.1.14-75sv
SonicwallSma 210-
SonicwallSma 400 Firmware< 10.2.1.14-75sv
SonicwallSma 400-
SonicwallSma 410 Firmware< 10.2.1.14-75sv
SonicwallSma 410-
SonicwallSma 500V Firmware< 10.2.1.14-75sv
SonicwallSma 500V-

Related Weaknesses (CWE)

CWE-338

References

FAQ

What is CVE-2024-53702?

CVE-2024-53702 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentia...

How severe is CVE-2024-53702?

CVE-2024-53702 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-53702?

Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Sma 200 Firmware, Sonicwall Sma 200, Sonicwall Sma 210 Firmware, Sonicwall Sma 210, Sonicwall Sma 400 Firmware.