CSC News Table of Contents
Critical vulnerabilities in Ruijie Networks’ cloud platform have exposed over 50,000 devices to remote attacks, posing a significant cybersecurity threat.
These flaws, collectively referred to as “Open Sesame,” enable attackers to exploit Ruijie’s Reyee platform and Reyee OS network devices, potentially gaining control over thousands of connected devices.
This alarming discovery highlights the urgent need to secure Internet of Things (IoT) devices and safeguard cloud-enabled networks.
Key Takeaway to Ruijie Networks Cloud Platform Vulnerabilities
- These vulnerabilities could allow attackers to execute malicious commands, highlighting the importance of immediate action.
Understanding the Ruijie Networks Cloud Platform Vulnerabilities
What Are These Vulnerabilities?
Cybersecurity researchers at Claroty identified ten vulnerabilities in Ruijie Networks’ cloud platform. Three of these flaws are rated critical:
| CVE Identifier | Description | CVSS Score |
|---|---|---|
| CVE-2024-47547 | Weak password recovery mechanism vulnerable to brute force attacks | 9.4 |
| CVE-2024-48874 | Server-Side Request Forgery (SSRF) exploiting AWS metadata services for internal access | 9.8 |
| CVE-2024-52324 | Exploitable MQTT vulnerabilities allowing arbitrary OS command execution | 9.8 |
How Do These Vulnerabilities Work?
The critical flaws allow attackers to:
- Execute malicious commands using MQTT communications.
- Access sensitive metadata through SSRF attacks.
- Exploit weak password recovery mechanisms to gain unauthorized access.
Claroty’s analysis also revealed that knowing a device’s serial number allows attackers to:
- Generate valid credentials for all cloud-connected devices.
- Perform denial-of-service (DoS) attacks.
- Send fabricated data to cloud-connected devices.
The “Open Sesame” Attack
The researchers devised an attack called “Open Sesame,” leveraging CVE-2024-47146 to:
- Extract serial numbers from Wi-Fi beacons.
- Exploit MQTT vulnerabilities to execute malicious commands remotely.
Real-Life Example: IoT Exploits
A similar attack occurred in 2019 when IoT vulnerabilities were exploited to disrupt smart devices, causing widespread chaos.
Mitigation and Fixes
Ruijie Networks has patched all vulnerabilities in their cloud platform, requiring no user action. However, users should:
- Verify their devices are running the latest firmware.
- Regularly update passwords and audit user access.
- Monitor devices for unusual activity.
Implications for IoT Security
Broader Impact
These vulnerabilities highlight persistent risks in IoT devices. Weak security mechanisms can expose businesses and individuals to significant threats, including:
- Data breaches.
- Service disruptions.
- Unauthorized access to critical systems.
Future Trends
As IoT adoption grows, attackers will continue to target cloud-enabled devices. Strengthening authentication, encrypting communications, and adopting advanced monitoring tools will become essential for IoT security.
About Ruijie Networks
Ruijie Networks specializes in innovative networking solutions, including cloud management platforms and IoT devices.
The company is committed to delivering reliable and secure products to its global customer base.
Rounding Up
The vulnerabilities in Ruijie Networks’ cloud platform serve as a reminder of the importance of securing IoT and cloud-enabled systems.
While Ruijie has addressed these flaws, organizations must remain vigilant and proactive in safeguarding their networks. Cybersecurity is an ongoing battle, and staying informed is the first step toward defense.
FAQs
What are the Ruijie Networks vulnerabilities?
- Ten security flaws in Ruijie’s cloud platform, including weak password recovery, SSRF attacks, and MQTT vulnerabilities.
Which devices were affected?
- Devices using Ruijie’s Reyee platform and Reyee OS network devices.
What is the “Open Sesame” attack?
- An attack leveraging CVE-2024-47146 to exploit MQTT communication and gain remote control of devices.
How can users protect their devices?
- Ensure devices are updated to the latest firmware, use strong passwords, and monitor for suspicious activity.
Are IoT devices at higher risk?
- Yes, IoT devices often have weaker security mechanisms, making them prime targets for attackers.
Has Ruijie Networks fixed the vulnerabilities?
- Yes, all identified flaws have been patched by Ruijie Networks.
