Ruijie Cloud Platform Vulnerabilities Expose 50000 Devices to Remote Attacks

Cybersecurity researchers from Claroty have uncovered ten critical vulnerabilities in the Ruijie Networks' Reyee cloud management platform that could potentially compromise approximately 50,000 cloud-connected devices worldwide. The discovered flaws could allow malicious attackers to execute arbitrary code and gain unauthorized access to network devices.

The research team identified three particularly severe vulnerabilities with critical CVSS scores, including remote code execution risks that could potentially grant attackers complete control over cloud-connected devices. Among the most significant findings is a new attack methodology dubbed "Open Sesame," which enables attackers to exploit devices in close physical proximity through the cloud infrastructure.

Of the ten identified vulnerabilities, three stand out as critically dangerous:

The researchers discovered that attackers could easily break MQTT authentication by leveraging device serial numbers. This weakness allows potential attackers to generate valid authentication credentials for all cloud-connected devices, enabling a range of malicious activities including denial-of-service attacks and sending fabricated messages.

A particularly concerning aspect of the research is the "Open Sesame" attack, which allows an attacker physically near a Wi-Fi network to extract a device's serial number by intercepting raw Wi-Fi beacons. This technique can then be used to leverage other MQTT communication vulnerabilities and achieve remote code execution.

Following responsible disclosure, Ruijie Networks has addressed all identified vulnerabilities in their cloud platform. The company reports that no further action is required from end-users, and the potential security risks have been mitigated.

The discovery highlights ongoing security challenges in Internet of Things (IoT) devices, particularly those connected through cloud platforms. It underscores the critical importance of robust security mechanisms in network infrastructure, especially for devices used in enterprise, educational, and governmental environments.

Cybersecurity experts emphasize that such vulnerabilities demonstrate the need for continuous security assessments and proactive vulnerability management in connected device ecosystems. The research serves as a crucial reminder for organizations to maintain vigilant security practices and promptly address potential weaknesses in their network infrastructure.

Found this article interesting? Keep visit thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive tips like this. 

You may also like these articles: Here are the 5 most contextually relevant blog posts: