Millions of Connected Devices Affected By Ripple20


A series of 19 different vulnerabilities, four of them critical, affects hundreds of millions of Internet of Things (IoT) and industrial-control devices. The root of the problem is code reuse: the bugs are in a TCP/IP software library developed by Treck that many manufacturers use. Researchers at JSOF found the faulty part of Treck's code, which handles the TCP/IP protocol that connects devices to networks and the internet, in the devices of more than 10 different manufacturers.

Affected hardware includes everything from printers to medical infusion pumps and industrial-control gear. Treck users include everyone from small, mom-and-pop businesses to Fortune 500 multinational corporations. HP, Intel, Rockwell Automation, Caterpillar, Baxter, as well as many other major international vendors are vulnerable. Their businesses include medical, transportation, industrial control, enterprise, energy (oil/gas), telecom, retail and commerce, and other industries.


The widespread use of the software library was a consequence of the supply-chain ripple effect. A single vulnerable component, however small in and of itself, can ripple outward to affect a wide range of industries, applications, companies and people. The flaws, called Ripple20, include four remote code-execution vulnerabilities. If they are exploited, data could be stolen off of a printer, or medical and industrial-control devices could be made to malfunction. A hacker could hide malicious code within embedded devices for years. One of the vulnerabilities could allow entry from outside the network boundary.

Treck has issued a patch for use by OEMs in the latest Treck stack version (6.0.1.67 or higher). The issue is for those companies to implement it. Because it's a supply-chain issue, affected products should be able to update themselves, but that is not always the norm in the IoT and industrial-control sectors. Based on CERT/CC and CISA ICS-CERT advisories, if devices can't be patched, admins should minimize network exposure for embedded and critical devices, ensuring that devices are not accessible from the Internet unless absolutely essential. Also, operational technology networks and devices should be segregated behind firewalls and isolated from any business networks. Users can block anomalous IP traffic and use pre-emptive traffic filtering.