Secure Boot Bypass in Ruckus Wireless Products and Solutions
CVE-2020-22660

7.5HIGH

Key Information:

Vendor
Ruckuswireless
Status
R310 Firmware
Vendor
CVE Published:
20 January 2023

Summary

A specific vulnerability in various Ruckus Wireless products permits attackers to bypass Secure Boot mechanisms. This flaw allows the execution of previous backup images even after Secure Boot has failed, posing significant security risks by enabling unauthorized access and modifications to the system.

References

https://support.ruckuswireless.com/security_bulletins/302
https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilit...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.