- Description
- Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 9.2
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Primary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- ics-cert@hq.dhs.gov
- CWE-280
- Hype score
- Not currently trending
CVE Alert: CVE-2024-46874 - https://t.co/RZ1I3ClM9P #OSINT #ThreatIntel #CyberSecurity #cve_2024_46874
@RedPacketSec
7 Dec 2024
94 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-46874 Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attacker… https://t.co/3SD42Y41g0
@CVEnew
6 Dec 2024
394 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-46874: CRITICAL] Vulnerable Ruijie Reyee OS versions could allow attackers with device credentials to send unauthorized commands via MQTT, posing a serious cyber security risk.#cybersecurity,#vulnerability https://t.co/BYBisad2Xl https://t.co/5FHYS1OMpW
@CveFindCom
6 Dec 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-46874 Ruijie Reyee OS https://t.co/Tbma8WI4ZA Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
@VulmonFeeds
3 Dec 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijienetworks:reyee_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0847A16C-8A5D-4016-83E9-6DC80588E105",
"versionEndExcluding": "2.320.0",
"versionStartIncluding": "2.206.0"
}
],
"operator": "OR"
}
]
}
]