Ruijie Networks’ Reyee cloud management platform and the associated Reyee OS network devices have been found to contain a critical security vulnerability.
This vulnerability, dubbed “Open Sesame,” allows attackers to remotely execute arbitrary code on thousands of cloud-connected devices, potentially granting them full control over these devices without physical access.
By exploiting a chain of ten vulnerabilities, attackers can bypass security measures and execute malicious code on the device, enabling them to steal sensitive data, disrupt network operations, or launch further attacks.
The implications of this vulnerability are far-reaching, as Ruijie Networks’ devices are widely deployed in public Wi-Fi networks across various sectors, including airports, schools, shopping malls, and government facilities, in over 90 countries.
A successful attack could lead to significant disruptions, data breaches, and other security incidents. For instance, attackers could compromise critical infrastructure, disrupt essential services, or steal intellectual property.
The finding underscores the growing threat of insecure cloud connectivity in the Internet of Things (IoT) landscape. As more devices become internet-connected, the attack surface expands, creating new opportunities for malicious actors.
To mitigate the risk, Ruijie Networks has released a security patch, and organizations are urged to update their devices promptly and implement robust security measures, including network segmentation, intrusion detection systems, and regular security audits.
Organizations should also prioritize vendor security practices and select vendors with strong security track records. By taking these steps, organizations can significantly reduce their exposure to this and other IoT vulnerabilities.
This incident highlights the need for a comprehensive approach to IoT security, which includes secure device design, secure software development practices, and ongoing security monitoring and response.
These vulnerabilities are not restricted to devices manufactured by Ruijie Networks; they may also exist in other Internet of Things devices and cloud platforms.
The research conducted by Team82 focused on Ruijie’s cloud ecosystem, specifically seeking to exploit vulnerabilities in the company’s Reyee cloud platform and MQTT protocol implementation.
By using beacon messages to extract device serial numbers, attackers could impersonate the cloud and send malicious commands to remote devices. This allowed for the compromise of access points, potentially granting access to internal networks through reverse shells.