CVE-2025-44954

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-44954
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://claroty.com/team82/disclosure-dashboard/cve-2025-44954 Third Party Advisory
https://kb.cert.org/vuls/id/613753 Third Party Advisory US Government Resource
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*
OR cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*
cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*
History

07 Aug 2025, 17:55

Type Values Removed Values Added
CPE cpe:2.3:o:ruckuswireless:smartzone:6.1.2:patch_1:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:smartzone:6.1.2:-:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:smartzone:*:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:smartzone:6.1.2:patch_2:*:*:*:*:*:*		 cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*
cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*
cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*
First Time Commscope ruckus Virtual Smartzone-federal
Commscope ruckus R750
Commscope ruckus T750se
Commscope ruckus H350
Commscope ruckus Smartzone 144-federal
Commscope ruckus M510
Commscope ruckus H320
Commscope
Commscope ruckus T750
Commscope ruckus H510
Commscope ruckus T350se
Commscope ruckus T310d
Commscope ruckus Smartzone 300-federal
Commscope ruckus Smartzone 300
Commscope ruckus Smartzone Firmware
Commscope ruckus C110
Commscope ruckus R610
Commscope ruckus E510
Commscope ruckus R730
Commscope ruckus T310n
Commscope ruckus T310s
Commscope ruckus R710
Commscope ruckus R720
Commscope ruckus R560
Commscope ruckus Smartzone 100-d
Commscope ruckus Smartzone 100
Commscope ruckus R510
Commscope ruckus Smartzone 144
Commscope ruckus R320
Commscope ruckus Virtual Smartzone
Commscope ruckus T310c

07 Aug 2025, 15:39

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
First Time Ruckuswireless smartzone
Ruckuswireless
References () https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e - () https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e - Vendor Advisory
References () https://kb.cert.org/vuls/id/613753 - () https://kb.cert.org/vuls/id/613753 - Third Party Advisory, US Government Resource
References () https://claroty.com/team82/disclosure-dashboard/cve-2025-44954 - () https://claroty.com/team82/disclosure-dashboard/cve-2025-44954 - Third Party Advisory
CPE cpe:2.3:o:ruckuswireless:smartzone:6.1.2:patch_1:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:smartzone:6.1.2:-:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:smartzone:*:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:smartzone:6.1.2:patch_2:*:*:*:*:*:*

04 Aug 2025, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-04 17:15

Updated : 2025-08-07 17:55

NVD link : CVE-2025-44954

Mitre link : CVE-2025-44954

JSON object : View

Products Affected

commscope

  • ruckus_smartzone_144-federal
  • ruckus_t310n
  • ruckus_r320
  • ruckus_r710
  • ruckus_h510
  • ruckus_h320
  • ruckus_virtual_smartzone-federal
  • ruckus_t310c
  • ruckus_virtual_smartzone
  • ruckus_t310d
  • ruckus_e510
  • ruckus_r610
  • ruckus_smartzone_144
  • ruckus_t310s
  • ruckus_c110
  • ruckus_r510
  • ruckus_r750
  • ruckus_smartzone_100
  • ruckus_smartzone_300-federal
  • ruckus_r730
  • ruckus_r720
  • ruckus_t750
  • ruckus_t750se
  • ruckus_m510
  • ruckus_r560
  • ruckus_h350
  • ruckus_smartzone_300
  • ruckus_smartzone_firmware
  • ruckus_t350se
  • ruckus_smartzone_100-d
CWE
CWE-1394

Use of Default Cryptographic Key