Vulnerability in Ruckus Wireless Products Leading to Unauthorized Image Signature Injection
CVE-2020-22659

7.5HIGH

Key Information:

Vendor

Ruckuswireless

Status
R310 Firmware
Vendor
CVE Published:
20 January 2023

What is CVE-2020-22659?

A vulnerability exists in several Ruckus Wireless devices that allows attackers to exploit the official image signature mechanism. This flaw enables unauthorized image signature injection, compromising device integrity and security. Affected versions span across various models, including the R310, R500, R600, and several ZoneDirector products, necessitating urgent attention from users to ensure they are not at risk.

References

https://support.ruckuswireless.com/security_bulletins/302
https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilit...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.