CVE-2024-47043

7.5 HIGH

📋 TL;DR

This vulnerability in Ruijie Reyee OS allows attackers to correlate device serial numbers with user phone numbers and partial email addresses. It affects Ruijie Reyee OS versions 2.206.x through 2.319.x, potentially exposing sensitive user information.

💻 Affected Systems

Products:
  • Ruijie Reyee OS
Versions: 2.206.x up to but not including 2.320.x
Operating Systems: Ruijie Reyee OS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Ruijie network devices running vulnerable Reyee OS versions

📦 What is this software?

Ruijie Reyee OS is the operating system that runs on Ruijie's Reyee line of network devices; the affected versions are listed above.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers could build comprehensive user profiles by combining the leaked data with other sources, enabling targeted phishing, social engineering, or identity theft.

🟠 Likely Case: Information disclosure leading to privacy violations and targeted spam or phishing campaigns against affected users.

🟢 If Mitigated: Limited exposure of partial personal information without other context; minimal operational impact.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Information disclosure vulnerability. The 7.5 HIGH rating with confidentiality-only impact corresponds to the CVSS v3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, i.e. reachable over the network with no privileges and no user interaction required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.320.x or later

Advisory (CISA ICSA-24-338-01, not a vendor page): https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01

Restart Required: Yes

Instructions:

1. Check the current Reyee OS version.
2. Download and install version 2.320.x or later from the Ruijie support portal.
3. Reboot affected devices.
4. Verify that the update completed and the device reports 2.320.x or later.

🔧 Temporary Workarounds

Network Segmentation (scope: all)

Isolate Ruijie devices from untrusted networks to limit exposure.

Access Control Restrictions (scope: all)

Implement strict access controls to limit who can query device information.

🧯 If You Can't Patch

  • Implement network segmentation to isolate Ruijie devices
  • Apply strict access controls and monitor for unauthorized access attempts

🔍 How to Verify

Check if Vulnerable:

Read the Reyee OS version from the device web interface or from the CLI with show version. Any version from 2.206.x through 2.319.x is affected; versions below 2.206.x or at 2.320.x and later are outside the affected range.

Check Version:

show version

Verify Fix Applied:

Confirm that show version reports 2.320.x or later after the upgrade and reboot.
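An added example (not from the advisory or from Ruijie) that automates the version check above: it pulls the version out of saved show version output and tests it against the affected range 2.206.x up to but not including 2.320.x. The sample output is constructed, and the assumption that the version number follows the word "version" in the CLI output is mine; the regex only needs a MAJOR.MINOR[.PATCH] token after that word.

```python
import re
from typing import Optional, Tuple

# Affected range from the advisory: 2.206.x up to but not including 2.320.x.
AFFECTED_MIN = (2, 206)   # first affected (major, minor)
FIXED_MIN = (2, 320)      # first fixed (major, minor)

Version = Tuple[int, int, int]


def parse_version(text: str) -> Optional[Version]:
    """Extract the first MAJOR.MINOR[.PATCH] token that follows the word
    'version' (case-insensitive) in show version output.

    Anchoring on 'version' is an assumption about the CLI layout; it avoids
    picking up unrelated dotted numbers (dates, IP addresses) elsewhere.
    """
    m = re.search(r"(?i)version\D{0,40}?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_affected(version: Version) -> bool:
    """True when (major, minor) lies in [2.206, 2.320)."""
    key = version[:2]
    return AFFECTED_MIN <= key < FIXED_MIN


def assess(show_version_output: str) -> str:
    """Return a one-line verdict for a block of show version output."""
    v = parse_version(show_version_output)
    if v is None:
        return "unknown: no version string found in output"
    label = ".".join(map(str, v))
    if is_affected(v):
        return f"VULNERABLE: {label} is within 2.206.x-2.319.x; upgrade to 2.320.x or later"
    return f"not affected: {label} is outside the affected range"


# Constructed sample output; not captured from a real device.
SAMPLE_OUTPUT = """System description : Ruijie Reyee device
System software version : ReyeeOS 2.268.1234
"""

if __name__ == "__main__":
    print(assess(SAMPLE_OUTPUT))
```

Paste the real show version output into SAMPLE_OUTPUT (or read it from a file) and check the verdict; if parse_version returns None, adjust the regex to match the device's actual output layout rather than trusting the "unknown" result.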

📡 Detection & Monitoring

Log Indicators:

  • Unusual access patterns to device information endpoints
  • Multiple serial number queries from single source

Network Indicators:

  • Unexpected API calls to device information endpoints
  • Traffic patterns suggesting data harvesting

SIEM Query (the source and event names are illustrative placeholders; map them to your own log schema):

source="ruijie-device" AND (event="serial_query" OR event="user_info_access")
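The "multiple serial number queries from a single source" indicator above, as an added detection example that is not from this page or from Ruijie. It runs over constructed log lines in a hypothetical key=value format (the real Reyee log schema is not given here), keeps a sliding time window per source address, and raises one alert when a source requests at least a threshold of distinct serial numbers inside the window. Repeated lookups of the same serial do not count, and lines that do not carry a serial number are ignored.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Hypothetical line layout: "<ISO timestamp>Z src=<ip> path=<endpoint> sn=<serial>".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) path=(?P<path>\S+) sn=(?P<sn>\S+)"
)

# Constructed sample lines; not real Reyee logs. 203.0.113.7 enumerates six
# serials in seconds, 198.51.100.4 re-queries one serial, 192.0.2.10 queries
# five distinct serials but only one every three minutes.
SAMPLE_LOGS = """\
2024-12-05T10:00:01Z src=203.0.113.7 path=/device/info sn=G1QH000001
2024-12-05T10:00:02Z src=203.0.113.7 path=/device/info sn=G1QH000002
2024-12-05T10:00:03Z src=198.51.100.4 path=/device/info sn=G1QH000009
2024-12-05T10:00:03Z src=203.0.113.7 path=/login
2024-12-05T10:00:04Z src=203.0.113.7 path=/device/info sn=G1QH000003
2024-12-05T10:00:05Z src=203.0.113.7 path=/device/info sn=G1QH000004
2024-12-05T10:00:06Z src=203.0.113.7 path=/device/info sn=G1QH000005
2024-12-05T10:00:07Z src=203.0.113.7 path=/device/info sn=G1QH000006
2024-12-05T10:00:30Z src=198.51.100.4 path=/device/info sn=G1QH000009
2024-12-05T10:01:00Z src=198.51.100.4 path=/device/info sn=G1QH000009
2024-12-05T10:02:00Z src=192.0.2.10 path=/device/info sn=G1QH000011
2024-12-05T10:05:00Z src=192.0.2.10 path=/device/info sn=G1QH000012
2024-12-05T10:08:00Z src=192.0.2.10 path=/device/info sn=G1QH000013
2024-12-05T10:11:00Z src=192.0.2.10 path=/device/info sn=G1QH000014
2024-12-05T10:14:00Z src=192.0.2.10 path=/device/info sn=G1QH000015
"""


def parse_line(line: str) -> Optional[Dict]:
    """Parse one log line; return None for lines without a serial lookup."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return {"ts": ts, "src": m["src"], "path": m["path"], "sn": m["sn"]}


def detect_harvesting(lines: List[str], window_seconds: int = 60,
                      threshold: int = 5) -> List[Dict]:
    """Alert once per source that queries >= threshold distinct serials
    within any window_seconds-long sliding window."""
    window = timedelta(seconds=window_seconds)
    events = [e for e in (parse_line(l) for l in lines) if e]
    events.sort(key=lambda e: e["ts"])          # logs may arrive out of order

    recent = defaultdict(deque)                   # src -> deque of (ts, sn)
    flagged = set()
    alerts = []
    for e in events:
        q = recent[e["src"]]
        q.append((e["ts"], e["sn"]))
        while q and e["ts"] - q[0][0] > window:   # drop entries outside window
            q.popleft()
        distinct = {sn for _, sn in q}
        if len(distinct) >= threshold and e["src"] not in flagged:
            flagged.add(e["src"])
            alerts.append({
                "src": e["src"],
                "distinct_serials": len(distinct),
                "at": e["ts"].isoformat(),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_harvesting(SAMPLE_LOGS.splitlines()):
        print(alert)
```

Tune window_seconds and threshold to the normal query rate of your management tooling; a wide window with a low threshold catches slow enumeration (the 192.0.2.10 pattern above) at the cost of more noise from legitimate inventory jobs.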

🔗 References

  • CISA ICS Advisory ICSA-24-338-01: https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01