high
7.5
Advisory Published
Updated

CVE-2020-22655

First published: Fri Jan 20 2023(Updated: )

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to persistently to writing unauthorized image.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
All of
Ruckus Wireless R310 Firmware=10.5.1.0.199
Ruckus Wireless R310
All of
Arris Ruckus Zoneflex R500 Firmware=10.5.1.0.199
Arris Ruckus Zoneflex R500
All of
Ruckus Wireless R600 Firmware=10.5.1.0.199
Ruckus Wireless R600
All of
Ruckus Wireless T300 Firmware=10.5.1.0.199
Ruckus Wireless T300
All of
Ruckus Wireless T301n Firmware=10.5.1.0.199
Ruckus Wireless T301n
All of
Ruckus Wireless T301s Firmware=10.5.1.0.199
Ruckus Wireless T301s
All of
Ruckus Wireless SCG200 Firmware<3.6.2.0.795
Ruckus Wireless SCG200
All of
Ruckus Wireless SZ-100 Firmware<3.6.2.0.795
Ruckus Wireless SZ-100 Firmware
All of
Ruckus Wireless SZ-300 Firmware<3.6.2.0.795
Ruckus Wireless SZ-300 Firmware
All of
Ruckus Wireless VSZ<3.6.2.0.795
Ruckus Wireless VSZ
All of
Ruckus Wireless ZoneDirector 1100 firmware=9.10.2.0.130
Ruckus Wireless ZoneDirector 1100
All of
Ruckus Wireless ZoneDirector 1200 Firmware=10.2.1.0.218
Ruckus Wireless ZoneDirector 1200
All of
Ruckus Wireless ZoneDirector 3000=10.2.1.0.218
Ruckus Wireless ZoneDirector 3000
All of
Ruckus Wireless ZoneDirector 5000=10.0.1.0.151
Ruckus Wireless ZoneDirector 5000
Ruckus Wireless R310 Firmware=10.5.1.0.199
Ruckus Wireless R310
Arris Ruckus Zoneflex R500 Firmware=10.5.1.0.199
Arris Ruckus Zoneflex R500
Ruckus Wireless R600 Firmware=10.5.1.0.199
Ruckus Wireless R600
Ruckus Wireless T300 Firmware=10.5.1.0.199
Ruckus Wireless T300
Ruckus Wireless T301n Firmware=10.5.1.0.199
Ruckus Wireless T301n
Ruckus Wireless T301s Firmware=10.5.1.0.199
Ruckus Wireless T301s
Ruckus Wireless SCG200 Firmware<3.6.2.0.795
Ruckus Wireless SCG200
Ruckus Wireless SZ-100 Firmware<3.6.2.0.795
Ruckus Wireless SZ-100 Firmware
Ruckus Wireless SZ-300 Firmware<3.6.2.0.795
Ruckus Wireless SZ-300 Firmware
Ruckus Wireless VSZ<3.6.2.0.795
Ruckus Wireless VSZ
Ruckus Wireless ZoneDirector 1100 firmware=9.10.2.0.130
Ruckus Wireless ZoneDirector 1100
Ruckus Wireless ZoneDirector 1200 Firmware=10.2.1.0.218
Ruckus Wireless ZoneDirector 1200
Ruckus Wireless ZoneDirector 3000=10.2.1.0.218
Ruckus Wireless ZoneDirector 3000
Ruckus Wireless ZoneDirector 5000=10.0.1.0.151
Ruckus Wireless ZoneDirector 5000

Remedy

https://support.ruckuswireless.com/security_bulletins/302

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2020-22655?

    CVE-2020-22655 has been classified with a severity rating that indicates it could be exploited to gain unauthorized access to the affected devices.

  • How do I fix CVE-2020-22655?

    To mitigate CVE-2020-22655, ensure that you update your Ruckus devices to the latest firmware version provided by Ruckus Wireless.

  • What devices are affected by CVE-2020-22655?

    CVE-2020-22655 impacts various Ruckus devices including the R310, R500, R600, T300, T301n, T301s, as well as several SmartZone and ZoneDirector models.

  • Is there a workaround for CVE-2020-22655 if I cannot update my firmware?

    While updating firmware is the best solution, you can also limit access to the affected devices by implementing strict network segmentation and access controls.

  • What should I do if I suspect my device is compromised due to CVE-2020-22655?

    If you suspect your device has been compromised, immediately disconnect it from your network and perform a thorough analysis and remediation step before reconnecting.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203