Press ESC to close

Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks

Category Details
Threat Actors Unknown malicious attackers exploiting vulnerabilities in Ruijie Networks’ cloud platform and Skoda’s MIB3 infotainment unit.
Campaign Overview Exploitation of vulnerabilities in Ruijie Networks’ Reyee platform and Skoda MIB3 infotainment units to gain unauthorized access, execute remote code, or disrupt services.
Target Regions (Victims) Cloud-connected Ruijie network devices globally (~50,000 devices potentially impacted); Skoda vehicles equipped with MIB3 infotainment units.
Methodology - Exploitation of weak password recovery, SSRF, and MQTT vulnerabilities in Ruijie devices.
- Physical proximity attacks to extract device serial numbers.
- Chaining multiple vulnerabilities in Skoda vehicles to achieve code execution, track vehicles, and exfiltrate data.
Product Targeted - Ruijie Networks’ Reyee platform and devices.
- Skoda vehicles with MIB3 infotainment systems.
Malware Reference Not specified, though vulnerabilities enable malicious code execution and remote control.
Tools Used MQTT communication, Wi-Fi beacon interception, SSRF techniques, and Bluetooth-based attacks in Skoda systems.
Vulnerabilities Exploited - Ruijie: CVE-2024-47547, CVE-2024-48874, CVE-2024-52324, CVE-2024-45722, CVE-2024-47146.
- Skoda: CVE-2023-28902 to CVE-2023-29113 (12 flaws), CVE-2023-28895 to CVE-2023-28901 (9 flaws).
TTPs - Exploitation of cloud-based vulnerabilities for unauthorized access and control.
- Proximity-based attacks to intercept device details.
- Chaining vulnerabilities for privilege escalation, persistent code execution, and data exfiltration.
Attribution No specific attribution provided; attackers leverage publicly disclosed flaws in IoT devices.
Recommendations - Update to patched versions of Ruijie cloud devices and Skoda MIB3 infotainment units.
- Employ stronger authentication mechanisms for IoT devices.
- Secure communication protocols to prevent interception.
- Monitor IoT devices for abnormal behavior.
- Educate users on risks associated with vulnerable connected devices.
Source The Hackers News

Read full article: https://thehackernews.com/2024/12/ruijie-networks-cloud-platform-flaws.html

The above summary has been generated by an AI language model

Stay Updated with Our Newsletter

Source: TheHackersNews

Published on: December 25, 2024

Related posts:

Smuggler’s Gambit: Uncovering HTML Smuggling Adversary in the Middle Tradecraft | Huntress 'PopeyeTools' marketplace for stolen credit cards disrupted by feds Security News This Week: Andrew Tate’s ‘Educational Platform’ Was Hacked Krispy Kreme Cyber Attack Disrupted Online Ordering in the US

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Updated with Our Newsletter

Filter Posts by Date

Explore Topics