CVE-2024-51722 MEDIUM

CVE-2024-51722: Vulnerabilities in SecuSUITE Server Components Impact SecuSUITE

Vendor Blackberry
Product SecuSUITE
Weakness CWE-250
Published November 12, 2024
Last update November 13, 2024

CVSS base score

6.4/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to potentially issue privileged script commands.

Key dates

02Disclosure timeline

November 12, 2024 CVE published
November 13, 2024 Record updated