Description Preview
Overview
This vulnerability (CVE-2020-22657) allows an attacker to completely bypass authentication mechanisms on the web management interface of affected Ruckus devices. By exploiting this vulnerability, an attacker could gain unauthorized administrative access to the device without providing valid credentials. This could lead to complete compromise of the affected device, including the ability to modify configurations, access sensitive information, and potentially use the device as a pivot point to attack other network resources. The vulnerability affects a wide range of Ruckus wireless access points and management controllers running vulnerable firmware versions.
Remediation
-
Update all affected devices to the latest firmware versions:
- SmartCell Gateway 200 (SCG200): Update to version 3.6.2.0.795 or later
- SmartZone 100 (SZ-100): Update to version 3.6.2.0.795 or later
- SmartZone 300 (SZ300): Update to version 3.6.2.0.795 or later
- Virtual SmartZone (vSZ): Update to version 3.6.2.0.795 or later
- For access points (R310, R500, R600, T300, T301n, T301s), follow Ruckus security advisories for appropriate firmware updates
-
Until updates can be applied, consider implementing the following mitigations:
- Restrict management access to trusted IP addresses only
- Place affected devices behind a firewall that limits access to the web interface
- Use VPN for remote management access
- Monitor for unauthorized access attempts
-
After updating, perform a security audit to ensure no unauthorized changes were made to device configurations.
References
- Ruckus Security Bulletin: https://support.ruckuswireless.com/security_bulletins/302
- Vulnerability Analysis: https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1
- CWE-287: Improper Authentication: https://cwe.mitre.org/data/definitions/287.html
Industry ExposureMost to leastThis section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- Accommodation & Food ServicesAccommodation & Food Services
- Administrative, Support, Waste Management & Remediation ServicesAdministrative, Support, Waste Management & Remediation Services
- Agriculture, Forestry Fishing & HuntingAgriculture, Forestry Fishing & Hunting
- Arts, Entertainment & RecreationArts, Entertainment & Recreation
- ConstructionConstruction
- Educational ServicesEducational Services
- Finance and InsuranceFinance and Insurance
- Health Care & Social AssistanceHealth Care & Social Assistance
- InformationInformation
- Management of Companies & EnterprisesManagement of Companies & Enterprises
- ManufacturingManufacturing
- MiningMining
- Other Services (except Public Administration)Other Services (except Public Administration)
- Professional, Scientific, & Technical ServicesProfessional, Scientific, & Technical Services
- Public AdministrationPublic Administration
- Real Estate Rental & LeasingReal Estate Rental & Leasing
- Retail TradeRetail Trade
- Transportation & WarehousingTransportation & Warehousing
- UtilitiesUtilities
- Wholesale TradeWholesale Trade
