PT-2024-9561 · Ruijie · Ruijie Reyee Os
Published
2024-12-03
·
Updated
2024-12-10
·
CVE-2024-47146
CVSS v4.0
7.1
High
| Vector | AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x
Description
The issue allows an attacker to obtain the device's serial number if physically adjacent and sniffing the RAW WIFI signal. This is related to the disclosure of resources to untrusted parties, which can be exploited by an attacker to obtain the device's serial number by intercepting the Wi-Fi signal.
Recommendations
For Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x, consider implementing additional security measures to prevent unauthorized access to the device's serial number, such as restricting access to the RAW WIFI signal or using encryption to protect the signal.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ruijie Reyee Os