CVE-2024-51720 MEDIUM

CVE-2024-51720: Vulnerabilities in SecuSUITE Server Components Impact SecuSUITE

Vendor Blackberry
Product SecuSUITE
Weakness CWE-307 · Brute force
Published November 12, 2024
Last update September 11, 2025

CVSS base score

4.8/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

An insufficient entropy vulnerability in the SecuSUITE Secure Client Authentication (SCA) Server of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially enroll an attacker-controlled device to the victim’s account and telephone number.

Key dates

02Disclosure timeline

November 12, 2024 CVE published
September 11, 2025 Record updated