Report a potential issue:

The Ruckus Security Incident Response Policy

View customer-only security bulletins

Ruckus response to the WPA2 (KRACK) vulnerability:
Ruckus Wireless Support Resource Center

The Ruckus Product Security Team is responsible for researching, analyzing and responding to security incident reports related to Ruckus products. This team is the first point of contact for all security incident reports and works directly with Ruckus customers, security researchers, government organizations, consultants, industry security organizations, and other vendors to identify security issues with Ruckus products. This team is also responsible for publishing security advisories and communicating with outside entities regarding mitigation steps for addressing particular security issues with Ruckus products.

Reporting a Security Issue to Ruckus

Ruckus encourages individuals and organizations to report all Ruckus-related product related vulnerabilities and security issues directly to Ruckus via our email alias:

A link to the Ruckus Security Incident Response Policy is available here.

Please provide a detailed description of the issue along with sufficient information to reasonably enable Ruckus to reproduce the issue. Please also include a technical contact, list of Ruckus products affected and any other helpful information such as logs and console messages etc.

If you are a currently experiencing a network outage or need help configuring a security feature, please contact Ruckus via any of the contact methods listed on the Support Contact page.

Security Bulletins

IDTitleVersionRelease DateEdit DateFAQ
20190815TCP SACK Panic - Kernel Vulnerability (CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)1.0August 15, 2019August 15, 2019
20190603Ruckus SmartZone Privilege Escalation Vulnerability (CVE-2019-11630)1.2June 3, 2019August 12, 2019
20190528Zombieload, RIDL, and Fallout Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-11091)1.0May 28, 2019May 28, 2019
20190412Dragonblood Vulnerabilities - VU#8716751.0April 12, 2019April 12, 2019
20181205PortSmash Side-Channel Vulnerability (CVE-2018-5407)1.0December 5, 2018December 5, 2018
20181102Libssh Vulnerabilities - CVE-2018-109331.0November 2, 2018November 2, 2018
20180917Automatic DNS Registration and Proxy Autodiscovery Vulnerabilities (VU#598349)1.0September 17, 2018September 17, 2018
20180906Intel Speculative Execution Vulnerabilities (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646)1.0September 6, 2018September 6, 2018
20180816Dictionary attacks on WiFi Protected Access (WPA & WPA2) Protocols1.0August 16, 2018August 16, 2018
20180815Linux Kernel TCP Reassembly Algorithm Remote DOS Vulnerability (CVE-2018-5390)1.3August 15, 2018January 16, 2019