Cybersecurity researchers have identified multiple critical vulnerabilities in Ruijie Networks' cloud management platform and Reyee OS network devices, potentially allowing attackers to control tens of thousands of IoT devices. Key vulnerabilities include weak password recovery mechanisms (CVE-2024-47547), a server-side request forgery flaw (CVE-2024-48874), and exploitation of MQTT communication (CVE-2024-52324). The "Open Sesame" attack enables local attackers to gain unauthorized access via device serial numbers.

Separately, PCAutomotive disclosed 12 vulnerabilities in Skoda's MIB3 infotainment units, enabling attackers to execute code, track car locations, and control in-car systems. These findings underscore the risks in IoT and connected automotive systems, necessitating robust security measures.

‍