CVE-2025-69426
Published: 09 January 2026
Summary
CVE-2025-69426 is a critical-severity Incorrect Permission Assignment for Critical Resource (CWE-732) vulnerability in Ruckuswireless (inferred from references). Its CVSS base score is 10.0 (Critical).
Operationally, it is ranked at the 30.5th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-1702
Vulnerability details
The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables SCP and pseudo-TTY allocation, an attacker can authenticate using the hardcoded credentials and establish SSH local port forwarding to access the Docker socket. By mounting the host filesystem via Docker, an attacker can escape the container and execute arbitrary OS commands as root on the underlying vRIoT controller, resulting in complete system compromise.
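The details above describe an account for which SCP and pseudo-TTY allocation were disabled while SSH forwarding remained usable. The following Python check is an added example (not Ruckus code and not part of the advisory) that flags sshd_config scopes with that combination. The sample configurations and the account name svc_account are constructed, and Match precedence is simplified to "block value, else global value, else OpenSSH default".

```python
# Added example: flag sshd_config scopes that deny a TTY but still allow forwarding.
# Option names are real OpenSSH keywords; the sample configs below are constructed.
DEFAULTS = {"permittty": "yes", "allowtcpforwarding": "yes",
            "allowstreamlocalforwarding": "yes", "disableforwarding": "no"}

def parse_sshd_config(text):
    """Return [(scope, {keyword: value})]; scope is 'global' or the Match criteria."""
    blocks = [("global", {})]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            blocks.append((value, {}))  # every later line belongs to this block
        else:
            # sshd keeps the first value it obtains for a keyword
            blocks[-1][1].setdefault(keyword, value.lower())
    return blocks

def forwarding_findings(text):
    """List (scope, [forwarding keywords still open]) for TTY-restricted scopes."""
    blocks = parse_sshd_config(text)
    global_opts = blocks[0][1]
    findings = []
    for scope, opts in blocks:
        # Simplified precedence: block value, else global value, else default.
        eff = {k: opts.get(k, global_opts.get(k, d)) for k, d in DEFAULTS.items()}
        if eff["permittty"] != "no" or eff["disableforwarding"] == "yes":
            continue  # not a restricted scope, or all forwarding already off
        still_open = [k for k in ("allowtcpforwarding", "allowstreamlocalforwarding")
                      if eff[k] in ("yes", "all", "local")]  # values permitting local forwards
        if still_open:
            findings.append((scope, still_open))
    return findings

SAMPLE_WEAK = "Match User svc_account\n    PermitTTY no\n"
SAMPLE_TCP_ONLY = "PermitTTY no\nAllowTcpForwarding no\n"
SAMPLE_HARDENED = "Match User svc_account\n    PermitTTY no\n    DisableForwarding yes\n"

if __name__ == "__main__":
    for name in ("SAMPLE_WEAK", "SAMPLE_TCP_ONLY", "SAMPLE_HARDENED"):
        print(name, forwarding_findings(globals()[name]))
```

The second sample shows why turning off TCP forwarding alone is not enough when the target is a Unix-domain socket: AllowStreamLocalForwarding defaults to yes and has to be disabled as well, or DisableForwarding set.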
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Training on permission management reduces incorrect permission assignments for critical resources.
Central management of critical-resource permissions ensures uniform, least-privilege assignments rather than per-system manual settings that frequently drift.
Documented roles, responsibilities, and continuous risk management in the SDLC ensure that default and runtime permissions for critical resources are deliberately assigned and reviewed.
Documentation covering secure installation and permission settings reduces incorrect permission assignments on critical resources.
Procedures support proper permission assignment for critical resources through documented controls.
Attribute management for resources provides a mechanism to assign and maintain correct permissions based on security labels.
Prevents overly permissive assignments to critical resources by limiting to task needs.
Enables users to notice when hard-coded credentials have been exploited for unauthorized access.