Cyber Resilience

CVE-2024-57854

Critical

Published: 05 March 2026
Modified: 09 March 2026
KEV Added: not listed
Patch: available
CVSS v3.1 score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
EPSS score: 0.0041 (32.6th percentile)
Risk priority: 70 (floored blend, peak EPSS)

Summary

CVE-2024-57854 is a critical-severity weak-PRNG (CWE-338) vulnerability in Net::NSCA::Client, a Perl module by dougdude. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 32.6th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SC-13 (Cryptographic Protection).

Deeper analysis

CVE-2024-57854 is a vulnerability in Net::NSCA::Client versions through 0.009002 for Perl, stemming from the use of a poor random number generator for initialization vectors in initial packets. Starting with version v0.003, the module switched from Crypt::Random to Data::Rand::Obscure, which depends on Perl's built-in rand() function that is not cryptographically secure. This issue falls under CWE-338 (Use of Cryptographically Weak Random Number Generator) and carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).

The vulnerability enables network-based exploitation with low attack complexity, requiring no privileges, user interaction, or scope changes. Attackers can achieve high impacts on confidentiality and integrity, potentially by predicting or forging initialization vectors in NSCA packets sent by the client.

Mitigation details appear in available references, including a patch in pull request 2 at https://patch-diff.githubusercontent.com/raw/dougwilson/perl5-net-nsca-client/pull/2.patch and an announcement on the oss-security mailing list at http://www.openwall.com/lists/oss-security/2026/03/05/1. The vulnerable code is visible in the source at https://metacpan.org/release/DOUGDUDE/Net-NSCA-Client-0.009002/source/lib/Net/NSCA/Client/InitialPacket.pm#L119; practitioners should apply the patch or upgrade to a fixed version.
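As an added example (not code from Net::NSCA::Client or from the pull-request patch), the rand()-based IV generation the advisory describes, beside a hardened generator that draws the IV from the OS CSPRNG; the 128-byte IV length is an assumption made for this example.

```perl
#!/usr/bin/env perl
# Added example, not code from Net::NSCA::Client. Contrasts the rand()-based
# IV generation the advisory describes with an IV drawn from the OS CSPRNG.
use strict;
use warnings;

# Assumption for this example: the initial-packet IV is 128 bytes long.
use constant IV_LENGTH => 128;

# Weak variant (the CWE-338 pattern): rand() is a small-state, non-cryptographic
# generator, so its output is reproducible from its seed and must not be used
# for initialization vectors.
sub weak_iv {
    my $len = @_ ? shift : IV_LENGTH;
    return join '', map { chr(int(rand(256))) } 1 .. $len;
}

# Hardened variant: read the IV from /dev/urandom in raw mode and fail closed
# on a short read. Crypt::URandom's urandom($len) is a portable alternative.
sub secure_iv {
    my $len = @_ ? shift : IV_LENGTH;
    open my $fh, '<:raw', '/dev/urandom'
        or die "cannot open /dev/urandom: $!";
    my $got = read $fh, my $iv, $len;
    close $fh;
    die "short read from /dev/urandom\n"
        unless defined $got && $got == $len;
    return $iv;
}

# Audit helper: with the seed fixed, two "random" IVs from rand() are
# identical, which is the predictability CVE-2024-57854 is about. A CSPRNG
# has no caller-controlled seed to replay.
sub rand_iv_is_replayable {
    srand(42);
    my $first = weak_iv();
    srand(42);
    my $second = weak_iv();
    return $first eq $second;
}

print "rand() IVs replay under a fixed seed: ",
    (rand_iv_is_replayable() ? 'yes' : 'no'), "\n";
print 'CSPRNG IV bytes: ', length(secure_iv()), "\n";
```

When reviewing a Perl dependency for this class of bug, grep for rand() and Data::Rand::Obscure in any code path that produces IVs, nonces or session tokens, and require a CSPRNG source there.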

Vulnerability details

Net::NSCA::Client versions through 0.009002 for Perl use a poor random number generator. Version v0.003 switched to Data::Rand::Obscure instead of Crypt::Random for generation of random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand() function, which is not suitable for cryptographic functions.

CWE(s)

CWE-338 (Use of Cryptographically Weak Random Number Generator)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1557 Adversary-in-the-Middle (Credential Access): Adversaries may attempt to position themselves between two or more networked devices using an adversary-in-the-middle (AiTM) technique to support follow-on behaviors such as Network Sniffing.

T1565.002 Transmitted Data Manipulation (Impact): Adversaries may alter data en route to storage or other systems in order to manipulate external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

Network-exploitable weak IV prediction directly enables public app exploitation, MITM forgery, and transmitted data manipulation via NSCA packet injection.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-66630 (shared CWE-338)
CVE-2024-40762 (shared CWE-338)
CVE-2021-26091 (shared CWE-338)
CVE-2024-58041 (shared CWE-338)
CVE-2025-40905 (shared CWE-338)
CVE-2025-15578 (shared CWE-338)
CVE-2026-25726 (shared CWE-338)
CVE-2026-41858 (shared CWE-338)
CVE-2026-6659 (shared CWE-338)
CVE-2026-47372 (shared CWE-338)

Affected Assets

Vendor: dougdude
Product: Net::NSCA::Client (Perl module), versions through 0.009002

Mitigating Controls (NIST 800-53 r5)

Prevent: directly requires timely remediation of software flaws like the weak RNG in Net::NSCA::Client, via patching or upgrading to fixed versions.

Prevent (SC-13, Cryptographic Protection): mandates use of cryptographic mechanisms meeting organizational requirements, preventing deployment of a weak RNG for initialization vectors in NSCA packets.

Detect (RA-5, Vulnerability Monitoring and Scanning): requires vulnerability scanning to identify and prioritize exploitable cryptographic weaknesses such as CVE-2024-57854 in deployed Perl modules.
