Unauthorized Image Switching in Ruckus Wireless Products
CVE-2020-22658

9.8CRITICAL

Key Information:

Vendor: Ruckuswireless
Status: R310 Firmware
Vendor: CVE Published:; 20 January 2023

🔔 Create Ruckuswireless Vulnerability Alert

What is CVE-2020-22658?

A vulnerability in various Ruckus Wireless products allows adversaries to switch to an unauthorized image, enabling the booting of unverified code as the primary image. This can potentially lead to severe security risks, including unauthorized control over the device and disruption of services.

References

https://support.ruckuswireless.com/security_bulletins/302

https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilit...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 20, 2023
Vulnerability Reserved
Aug 13, 2020