Partial MQTT Topic Subscription Vulnerability
CVE-2024-47791

5.3MEDIUM

Key Information:

Vendor
Ruijie
Status
Reyee Os
Vendor
CVE Published:
6 December 2024

Summary

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-3...

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2024-47791 : Partial MQTT Topic Subscription Vulnerability | SecurityVulnerability.io