Critical Vulnerabilities Found in Ruijie Reyee Cloud Management Platform

December 13, 2024 at 10:54AM

Cybersecurity firm Claroty warns of vulnerabilities in the Reyee cloud management platform that could enable attackers to take control of 50,000 devices. Using device serial numbers, hackers can generate credentials, execute denial-of-service attacks, and potentially steal sensitive data. Ruijie has reportedly fixed all identified security issues.

**Meeting Takeaways: Vulnerabilities in Reyee Cloud Management Platform**

1. **Vulnerability Overview**:
– Claroty identified significant vulnerabilities in the Reyee cloud management platform and Reyee OS network appliances, potentially allowing attackers to take control of tens of thousands of devices.

2. **Authentication Weakness**:
– Ruijie devices communicate over MQTT and authenticate with a username and password based on the device’s serial number. Because serial numbers follow predictable patterns, this scheme is insecure and enables unauthorized access.

3. **Impact of Vulnerabilities**:
– Attackers can authenticate as devices, leading to denial-of-service attacks, sending false information to users, and potentially stealing sensitive data linked to device owners.

4. **Critical Vulnerabilities Reported**:
– A total of 10 vulnerabilities were reported, with three categorized as critical:
  – CVE-2024-47547 (CVSS 9.4): Weak password recovery mechanism.
  – CVE-2024-48874 (CVSS 9.8): Server-side request forgery (SSRF) issue.
  – CVE-2024-52324 (CVSS 9.8): Arbitrary command execution via dangerous function.

5. **Attack Methodology (“Open Sesame”)**:
– An adjacent attacker can exploit Ruijie’s access points to extract serial numbers and send malicious commands without needing Wi-Fi credentials, resulting in potential internal network access.

6. **Scope of Impact**:
– Approximately 50,000 devices were identified as vulnerable, but Ruijie has addressed all security issues, and no user action is required at this time.

7. **Company Overview**:
– Ruijie Networks provides secure, cloud-managed network solutions mainly for small and medium-sized businesses, offering a web management portal for remote device management based on serial numbers.

8. **Next Steps**:
– Continuous monitoring and evaluation of network security measures are recommended, though existing vulnerabilities have been resolved by Ruijie.
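
For the monitoring recommended above, one broker-side check follows from items 2 and 3: when credentials are tied to serial numbers, a single client authenticating as many devices, or one device identity accepted from several sources, stands out in authentication logs. This is an added example, not code from Claroty or Ruijie; the log format, field names, sample lines and threshold are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical broker auth-log format
# (timestamp, source address, MQTT username, result). Not real Ruijie logs.
SAMPLE_LOG = """\
2024-12-13T10:00:01Z src=198.51.100.7 user=SN-EXAMPLE-0001 result=accept
2024-12-13T10:00:02Z src=203.0.113.50 user=SN-EXAMPLE-0002 result=accept
2024-12-13T10:00:03Z src=203.0.113.50 user=SN-EXAMPLE-0003 result=accept
2024-12-13T10:00:04Z src=203.0.113.50 user=SN-EXAMPLE-0004 result=reject
2024-12-13T10:00:05Z src=203.0.113.50 user=SN-EXAMPLE-0005 result=accept
2024-12-13T10:00:09Z src=192.0.2.44 user=SN-EXAMPLE-0001 result=accept
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>accept|reject)$"
)

def parse(log_text):
    """Yield (src, user, result) for each well-formed line; skip the rest."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m["src"], m["user"], m["result"]

def find_anomalies(log_text, max_ids_per_source=2):
    """Return (fan_out, shared): sources presenting too many device identities,
    and identities accepted from more than one source address."""
    ids_by_src = defaultdict(set)   # every identity a source attempted
    srcs_by_id = defaultdict(set)   # sources an identity was accepted from
    for src, user, result in parse(log_text):
        ids_by_src[src].add(user)
        if result == "accept":
            srcs_by_id[user].add(src)
    fan_out = {s: sorted(u) for s, u in ids_by_src.items()
               if len(u) > max_ids_per_source}
    shared = {u: sorted(s) for u, s in srcs_by_id.items() if len(s) > 1}
    return fan_out, shared

if __name__ == "__main__":
    fan_out, shared = find_anomalies(SAMPLE_LOG)
    for src, users in fan_out.items():
        print(f"source {src} presented {len(users)} device identities: {users}")
    for user, srcs in shared.items():
        print(f"identity {user} accepted from multiple sources: {srcs}")
```

Sites with several devices behind one NAT address will legitimately share a source, so `max_ids_per_source` needs tuning per deployment before alerts are acted on.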
