PatchSiren cyber security CVE debrief

CVE-2024-51727 Ruijie CVE debrief

A session invalidation vulnerability in Ruijie Reyee OS versions 2.206.x through 2.319.x allows authenticated attackers with high privileges to terminate legitimate user sessions, causing denial-of-service conditions on affected accounts. The vulnerability stems from a product feature that lacks proper session management controls. CISA published this advisory on December 3, 2024, with an update on December 10, 2024 revising CVSS scores. The vendor has deployed cloud-based fixes requiring no end-user action.

Vendor: Ruijie
Product: Reyee OS
CVSS: MEDIUM 4.9
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-12-03
Original CVE updated: 2024-12-10
Advisory published: 2024-12-03
Advisory updated: 2024-12-10

Who should care

Organizations operating Ruijie Reyee OS in industrial control or operational technology environments, particularly those with remote administrative access requirements and multi-user account configurations

Technical summary

Ruijie Reyee OS contains a session management feature that permits high-privilege authenticated attackers to invalidate legitimate user sessions remotely. The vulnerability affects versions 2.206.x through 2.319.x and results in denial-of-service conditions on targeted user accounts. The attack vector is network-based with low attack complexity, but exploitation requires high privileges. There is no confidentiality or integrity impact; the availability impact is rated high. The vendor has implemented cloud-based remediation.

Defensive priority

medium

Recommended defensive actions

  • Verify Reyee OS device firmware version is 2.320.x or later, or confirm cloud-managed devices have received automatic updates
  • Monitor administrative account sessions for unexpected terminations or anomalous session management activity
  • Review access controls to ensure high-privilege accounts follow least-privilege principles
  • Apply CISA ICS recommended practices for network segmentation of OT/ICS devices
  • Document and audit session management configurations in Reyee OS deployments

Evidence notes

CISA CSAF source confirms affected versions as 2.206.x up to but not including 2.320.x. CVSS 3.1 vector AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H yields score 4.9 (Medium). Vendor remediation states cloud-based fix deployed with no user action required.

Official resources

CISA ICS Advisory ICSA-24-338-01 published December 3, 2024; Update A published December 10, 2024