Security Bulletin: Update available to patch vulnerability in Ruckus wireless access points

A Ruckus vulnerability quietly announced in February received more attention last week when the U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave U.S. federal agencies a deadline of June 2 to secure their wireless access points (WAPs) against the critical CVE-2023-25717 RCE bug.

If remote web admin access is enabled for Ruckus WAPs, attackers can use malicious code to add these devices to a network designed to launch distributed denial-of-service (DDoS) attacks against other targets.

Ruckus already has patches available for a long list of devices (including devices that are end-of-life but may still be in use).

What’s really going on?
First of all — if you are not using Ruckus WAPs, this security bulletin does not apply to you.

Second, for most office and home networks, WAPs cannot be accessed from the internet, only from within a local network, so the risk here is lower. A hacker would need to be physically present in your office, connected to WiFi or ethernet, to reach your WAPs or wireless controllers. Generally, that’s just not how vulnerabilities like this are exploited. But, to be safe, we still recommend patching these devices to maintain the highest level of security.

In some cases, however, in order for administrators to manage the wireless network remotely, Ruckus has an interface enabled that can be accessed from outside the local network. When this is the case, the vulnerability in question is much more critical because it can be exploited by remote actors, and should be patched right away.

Best Practices
To prevent botnet malware infections on any network device, firmware updates should be applied regularly, admin passwords should be strong and unique, and remote admin panel access should be disabled.

Macktez Network Management reports on device status to help to identify potential vulnerabilities before they cause problems. Ongoing monitoring of network infrastructure better equips us to respond to service outages, hardware failures, and security vulnerabilities when they do occur. Manual tasks are grouped together and performed on a scheduled, recurring basis, efficiently ensuring that automated tools are working properly. If your organization would like this same protection, email Macktez and we can meet to discuss your needs.