Thousands of Ruckus Networks Devices Vulnerable Due to Unpatched Flaws
▼ Summary
– Security researchers discovered nine vulnerabilities in Ruckus Networks’ Virtual Smart Zone (vSZ) and Ruckus Network Director (RND) products, risking full network compromise.
– The flaws include authentication bypass, command injection, and hardcoded credentials, allowing attackers to gain admin access or execute arbitrary commands.
– No patches are currently available, leaving businesses vulnerable to potential attacks and disruption.
– CERT/CC confirmed the vulnerabilities could be chained for severe attacks, advising admins to restrict access to affected management environments.
– Mitigation includes limiting access to trusted users and using secure protocols until official fixes are released.
Thousands of Ruckus Networks devices remain exposed to critical security flaws that could allow attackers to take complete control of enterprise wireless environments. Researchers have identified nine unpatched vulnerabilities across two widely used Ruckus products, posing significant risks to organizations relying on these systems for network management.
The affected products include Ruckus Virtual Smart Zone (vSZ) and Ruckus Network Director (RND). vSZ serves as a virtualized controller for managing access points and switches, typically deployed by mid-sized to large enterprises. RND functions as a centralized platform for overseeing extensive wired and wireless networks. Both solutions play crucial roles in maintaining business connectivity, making these vulnerabilities particularly concerning.
Security experts from Claroty’s Team82 discovered multiple critical weaknesses. Among them, several involve hardcoded credentials and authentication bypasses, while others enable arbitrary command execution or privilege escalation. One notable flaw (CVE-2025-44954) allows attackers to gain administrative control over vSZ environments simply by exploiting default SSH keys. Another (CVE-2025-44963) permits session token forgery in RND due to a fixed JWT secret key.
The vulnerabilities vary in impact but collectively create pathways for data theft, network manipulation, and complete system compromise. Attackers could chain multiple exploits together to bypass security measures, potentially crippling critical infrastructure. Carnegie Mellon’s CERT/CC confirmed these findings, warning that even basic network access could lead to devastating breaches.
With no patches currently available, administrators face urgent challenges. Restricting access to management interfaces represents the most effective temporary solution. Organizations should implement strict network segmentation, allowing only verified users to interact with Ruckus systems through encrypted channels. Monitoring for unusual activity becomes essential until vendors release security updates.
The absence of official severity ratings or remediation timelines compounds the problem. Businesses using these products must weigh operational needs against potential exposure, considering alternative safeguards where possible. As wireless networks increasingly form the backbone of modern enterprises, such vulnerabilities underscore the importance of proactive security measures in network architecture.
(Source: TechRadar)