CVE-2020-22654

20.01.2023, 19:15

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to bypass firmware image bad md5 checksum failed error.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 26%

Vendor	Product	Version
ruckuswireless	r310_firmware	10.5.1.0.199
ruckuswireless	r500_firmware	10.5.1.0.199
ruckuswireless	r600_firmware	10.5.1.0.199
ruckuswireless	t300_firmware	10.5.1.0.199
ruckuswireless	t301n_firmware	10.5.1.0.199
ruckuswireless	t301s_firmware	10.5.1.0.199
ruckuswireless	scg200_firmware	𝑥 < 3.6.2.0.795
ruckuswireless	sz-100_firmware	𝑥 < 3.6.2.0.795
ruckuswireless	sz-300_firmware	𝑥 < 3.6.2.0.795
ruckuswireless	vsz_firmware	𝑥 < 3.6.2.0.795
ruckuswireless	zonedirector_1100_firmware	9.10.2.0.130
ruckuswireless	zonedirector_1200_firmware	10.2.1.0.218
ruckuswireless	zonedirector_3000_firmware	10.2.1.0.218
ruckuswireless	zonedirector_5000_firmware	10.0.1.0.151

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-494 - Download of Code Without Integrity Check
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

References

https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1

https://support.ruckuswireless.com/security_bulletins/302