New Ruckus Unleashed Product Line Exploit Discovered by SAM Seamless Network
- SAM Seamless Network's discovery of a vulnerability affecting 31 networking products from RUCKUS® Networks, part of CommScope (NASDAQ: COMM), is a significant development in the cybersecurity landscape. Ruckus has promptly responded and communicated effectively with SAM, taking the necessary steps to rectify the situation. The vulnerability exposes networks based on the affected devices to the risk of an attacker gaining full control over the remote Ruckus Unleashed device, installing malware, or gaining unauthorized access to critical information.
- None.
Vulnerability enables attacker to remotely gain full control over network devices. Ruckus has issued a patch for affected products
The authenticated remote command execution vulnerability was found in the "Ruckus Unleashed" product line's firmware (R510_200.14.6.1.179), and 31 products that are using the same web-based management interface version of Ruckus Unleashed are affected.
SAM's cybersecurity researchers discovered the flaw in an internal daemon associated with the web server, which manifests itself while parsing specific messages within one of the web components. The exploit can be triggered relatively quickly, if the attacker has LAN/WAN access to the AP's management interface. Upon successful exploitation, an attacker gains full control over the remote Ruckus Unleashed device, obtaining a fully privileged root shell.
This vulnerability exposes networks based on the affected devices to the risk of an attacker installing malware on the Ruckus AP, or gaining unauthorized access to the Ruckus mesh topology, connected client traffic, and other critical information.
A CVE ID from MITRE is pending (as of July 31, 2023).
SAM had reached out to Ruckus and provided its findings. Ruckus had promptly responded, and had communicated effectively with SAM from the initial vulnerability submission until the resolution of this issue. Ruckus' disclosure of this vulnerability and additional details on relevant patches related to affected products can be found in Ruckus' Security Bulletin 20230731 at this link.
SAM's cybersecurity solutions, which are protecting home and business networks at some of the world's largest ISPs, secure the network by protecting the router, the network and the devices connected to the network – and require no software installation on any of the end user's devices. SAM's device fingerprinting technology is used to identify the devices on the network and any change in device roster, and enables not only constant awareness to any abnormal device or network behavior, but a truly seamless and automated "no touch" user onboarding and continuous operation.
"SAM has a proactive approach to IoT security, and an ongoing commitment to detect and defend against cybersecurity attacks, invasion of privacy, and personal information theft," said Sivan Rauscher, CEO and Co-founder of SAM Seamless Network. "Having our own dedicated team of cybersecurity researchers enables SAM to not only incorporate updated cybersecurity mitigation practices within our solutions when they are provided by device vendors, but also actively discover new vulnerabilities in network-attached devices, investigate them, alert the relevant vendor, responsibly disclose the vulnerabilities to the cybersecurity community, and collaborate with relevant stakeholders on rectifying the vulnerabilities."
"Known device vulnerabilities that have already been resolved by their vendors are being mitigated by default," explains Nadav Lieberman, SAM's VP Data and Innovation. "However, when a new vulnerability is discovered - either by us or another party - and a patch is not issued by the vendor immediately, we create and apply the appropriate mitigation process, which can be a network policy update, code injection, etc., and use Hot Patching to secure the affected devices until an official patch is deployed by the vendor. SAM's hot patching really shines when it comes to secure IoT devices, known to be very challenging to secure and update, but it is especially critical when dealing with devices that are no longer supported by their vendor ("End of life") but are still at risk due to new vulnerabilities affecting them."
SAM wishes to recognize the outstanding and comprehensive research that has been done by "alephsecurity" in discovering prior exploits in Ruckus' products, which proved to be an important supporting asset to SAM's research efforts during the recent discovery.
About SAM
The leading provider of cloud-native security and intelligence services for unmanaged networks and connected devices, covering upwards of 500 million devices globally. With its intuitive AI technology, SAM addresses the challenges of our hyperconnected world, in which an explosion of IoT devices exposes potential attack surfaces for companies and consumers alike. SAM's device-agnostic software provides deep network visibility to protect against sophisticated cyber-attacks in real-time and prevent the spread of zero-day attacks. By using its unique cloud-based device and threat intelligence, SAM studies and identifies the behavior of every device to create customized protection for all home and SMB users, forming a bulletproof network.
Press Contacts:
Shiri Butnaru
Head of Marketing
shiri@securingsam.com
Photo - https://mma.prnewswire.com/media/2166836/SAM_Seamless_Network.jpg
View original content to download multimedia:https://www.prnewswire.com/news-releases/new-ruckus-unleashed-product-line-exploit-discovered-by-sam-seamless-network-301891404.html
SOURCE SAM Seamless Network
FAQ
What vulnerability has SAM Seamless Network discovered in Ruckus Networks' products?
How many networking products are affected by the vulnerability?
What action has Ruckus taken in response to the vulnerability?
What are the potential risks associated with the vulnerability?