PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-47547 Ruijie CVE debrief

CVE-2024-47547 is a HIGH severity vulnerability (CVSS 8.2) in Ruijie Reyee OS affecting versions 2.206.x through 2.319.x. The weakness stems from an inadequate password change mechanism that enables brute force attacks against authentication. Published by CISA on December 3, 2024, and updated on December 10, 2024, this advisory carries high confidence attribution based on CSAF product tree analysis. Notably, Ruijie has implemented a cloud-based fix requiring no end-user action. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.

Vendor: Ruijie
Product: Reyee OS
CVSS: HIGH 8.2
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-12-03
Original CVE updated: 2024-12-10
Advisory published: 2024-12-03
Advisory updated: 2024-12-10

Who should care

Organizations operating Ruijie Reyee OS devices in industrial control system (ICS) or operational technology (OT) environments, network administrators managing Reyee OS deployments, security teams responsible for authentication security in converged IT/OT networks, and compliance officers tracking CISA ICS advisories for critical infrastructure protection.

Technical summary

The vulnerability exists in Ruijie Reyee OS versions 2.206.x through 2.319.x due to a weak password change mechanism. The flaw allows attackers to brute force user authentication because the mechanism enforces neither adequate rate limiting nor password complexity. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N) indicates a network attack vector, low attack complexity, no privileges required, no user interaction, unchanged scope, high confidentiality impact, low integrity impact and no availability impact. Ruijie has deployed the fix through its cloud infrastructure, so end users do not need to patch manually.

Defensive priority

HIGH

Recommended defensive actions

  • Verify that the Reyee OS device version falls outside the affected range 2.206.x to 2.319.x, particularly where local management access is required
  • Confirm cloud connectivity for automatic security patch application
  • Monitor authentication logs for anomalous brute force patterns
  • Apply network segmentation for ICS/OT devices per CISA recommended practices
  • Review password policies for administrative accounts on affected devices
  • Document asset inventory for Ruijie Reyee OS deployments
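Two of the actions above (checking whether a device version falls inside the affected range, and watching authentication logs for brute force patterns) can be scripted. The following is an added example written for this debrief; it is not code from PatchSiren, Ruijie or CISA. The version bound (2.206.x up to but not including 2.320.x) is taken from the advisory; the log line format is a constructed, hypothetical one, since the real Reyee OS log syntax is not described on this page and would need to be adapted.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Affected range from the advisory: 2.206.x up to, but not including, 2.320.x.
# Only the first two components decide membership; the patch level ("x") is ignored.
AFFECTED_MIN = (2, 206)
AFFECTED_MAX_EXCLUSIVE = (2, 320)

VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?\s*$")


def parse_version(text):
    """Parse 'major.minor[.patch]' into an integer tuple; missing patch becomes 0."""
    m = VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch) if patch is not None else 0)


def is_affected(version_text):
    """True when the device version lies inside the advisory's affected range."""
    major_minor = parse_version(version_text)[:2]
    return AFFECTED_MIN <= major_minor < AFFECTED_MAX_EXCLUSIVE


# Hypothetical log format (constructed for this example, not Reyee OS syntax):
#   <ISO-8601 UTC timestamp> auth <failed|ok> user=<name> src=<ip>
LOG_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z) auth (?P<result>failed|ok) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def find_bruteforce(lines, threshold=5, window=timedelta(minutes=1)):
    """Return {source_ip: peak_failures_in_window} for sources that hit the threshold.

    A sliding window over each source's failed-auth timestamps flags any source
    with `threshold` or more failures inside any `window`-long interval.
    """
    failures = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["result"] != "failed":
            continue  # unparseable or successful lines do not count toward the burst
        failures[m["src"]].append(datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"))

    alerts = {}
    for src, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            # Advance the window start until the span fits inside `window`.
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                alerts[src] = max(alerts.get(src, 0), count)
    return alerts


# Constructed sample: one source hammering the admin account, one source with
# two widely spaced failures, and one legitimate login.
SAMPLE_LOG = [
    "2024-12-10T08:00:01Z auth failed user=admin src=192.0.2.10",
    "2024-12-10T08:00:05Z auth failed user=admin src=192.0.2.10",
    "2024-12-10T08:00:09Z auth failed user=admin src=192.0.2.10",
    "2024-12-10T08:00:14Z auth failed user=admin src=192.0.2.10",
    "2024-12-10T08:00:20Z auth failed user=admin src=192.0.2.10",
    "2024-12-10T08:00:27Z auth failed user=admin src=192.0.2.10",
    "2024-12-10T08:02:00Z auth failed user=operator src=198.51.100.7",
    "2024-12-10T08:12:00Z auth failed user=operator src=198.51.100.7",
    "2024-12-10T08:15:30Z auth ok user=operator src=198.51.100.7",
]


if __name__ == "__main__":
    for v in ("2.205.9", "2.206.0", "2.319.5", "2.320.0"):
        print(f"{v}: {'AFFECTED' if is_affected(v) else 'not affected'}")
    print("brute force sources:", find_bruteforce(SAMPLE_LOG))
```

Run the file as-is to see the version checks and the detection result on the constructed log; in practice, replace SAMPLE_LOG with lines read from the device's exported authentication log and adjust LOG_RE to the real format. The threshold and window are deliberately parameters, since the right values depend on how many legitimate administrators share a management address.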

Evidence notes

Source confidence is HIGH based on CSAF product tree vendor identification. The affected product range is precisely bounded: Reyee OS versions 2.206.x up to but not including 2.320.x.

Official resources

CISA published this advisory on December 3, 2024, with an update on December 10, 2024 revising CVSS scores. The vendor has confirmed cloud-based remediation.