Overview
This vulnerability affects multiple Ruckus wireless infrastructure products running specific firmware versions. The issue allows attackers to manipulate the secondary backup firmware image, which could lead to persistent unauthorized access or control of the affected devices. Since many network devices use a dual-firmware architecture for failsafe updates, compromising the secondary image could create a persistent backdoor that survives normal firmware update procedures. Affected devices include various access point models (R310, R500, R600, T300 series) and controller platforms (SmartCell Gateway, SmartZone, ZoneDirector) running vulnerable firmware versions.
Remediation
Ruckus Networks has released patched firmware versions to address this vulnerability. Users should upgrade to the following versions or newer:
- For SmartCell Gateway 200 (SCG200): Version 3.6.2.0.795 or later
- For SmartZone 100 (SZ-100): Version 3.6.2.0.795 or later
- For SmartZone 300 (SZ300): Version 3.6.2.0.795 or later
- For Virtual SmartZone (vSZ): Version 3.6.2.0.795 or later
- For ZoneDirector series and access points: Check the Ruckus security bulletin for specific version recommendations
Additionally, organizations should:
- Verify firmware integrity after updates
- Implement proper network segmentation to limit access to management interfaces
- Use strong authentication for administrative access
- Monitor devices for unexpected firmware changes or behavior
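Added example (not from Ruckus or the original page): a Python sketch that triages a device inventory against the fixed controller versions listed above, comparing version fields numerically rather than as strings. The hostnames, inventory rows and non-fixed version strings are constructed sample data; models for which this page gives no fixed version are routed to the vendor bulletin.

```python
import csv
import io

# Fixed releases exactly as listed in the Remediation section of this page.
FIXED = {"SCG200": "3.6.2.0.795", "SZ-100": "3.6.2.0.795",
         "SZ300": "3.6.2.0.795", "vSZ": "3.6.2.0.795"}

# Constructed sample inventory (hosts and versions are illustrative only).
SAMPLE = """host,model,version
ctrl-a,SZ-100,3.6.1.0.227
ctrl-b,vSZ,3.6.2.0.795
ctrl-c,SZ300,3.10.0.0.12
ctrl-d,SCG200,unknown
ap-lobby,R500,1.2.3.4.5
"""

def parse_version(text):
    """Turn '3.6.2.0.795' into (3, 6, 2, 0, 795); raise ValueError otherwise."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)

def classify(model, version):
    """Return OK, UPGRADE, UNKNOWN_VERSION or CHECK_BULLETIN for one device."""
    fixed = FIXED.get(model)
    if fixed is None:
        # ZoneDirector and access points: the page defers to the bulletin.
        return "CHECK_BULLETIN"
    try:
        current = parse_version(version)
    except ValueError:
        return "UNKNOWN_VERSION"  # never assume an unreadable version is patched
    target = parse_version(fixed)
    width = max(len(current), len(target))
    pad = lambda v: v + (0,) * (width - len(v))
    # Tuple comparison is numeric per field, so 3.10.x sorts above 3.6.x.
    return "OK" if pad(current) >= pad(target) else "UPGRADE"

def triage(inventory_csv):
    """Classify every row of a host,model,version CSV."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return [(r["host"], r["model"], r["version"],
             classify(r["model"], r["version"])) for r in rows]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print("{:10} {:8} {:14} {}".format(*row))
```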
References
- Ruckus Security Bulletin: https://support.ruckuswireless.com/security_bulletins/302
- Vulnerability Analysis Blog Post: https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1
- MITRE CVE Entry: CVE-2020-22661
Industry Exposure
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- Accommodation & Food Services
- Administrative, Support, Waste Management & Remediation Services
- Agriculture, Forestry Fishing & Hunting
- Arts, Entertainment & Recreation
- Construction
- Educational Services
- Finance and Insurance
- Health Care & Social Assistance
- Information
- Management of Companies & Enterprises
- Manufacturing
- Mining
- Other Services (except Public Administration)
- Professional, Scientific, & Technical Services
- Public Administration
- Real Estate Rental & Leasing
- Retail Trade
- Transportation & Warehousing
- Utilities
- Wholesale Trade