Ripple20 Network Vulnerabilities
Security researchers have disclosed details of 19 vulnerabilities, collectively referred to as Ripple20, affecting the Track TCP/IP network stack. They claim that a remote unauthenticated attacker could exploit some or all of these vulnerabilities to execute arbitrary code, extract sensitive data, cause a denial-of-service condition on an affected system.
Summary
Security researchers have disclosed details of 19 vulnerabilities, collectively referred to as Ripple20, affecting the Track TCP/IP network stack. They claim that a remote unauthenticated attacker could exploit some or all of these vulnerabilities to execute arbitrary code, extract sensitive data, cause a denial-of-service condition on an affected system.
Affected platforms
The following platforms are known to be affected:
- Treck TCP/IP stack - Versions prior to 6.0.1.67
Threat details
The Track TCP/IP stack is integrated into a wide variety of embedded network systems including SOHO and Internet-of-Things products, medical devices, and industrial control systems. This diversity of systems and implementations makes it difficult to properly assess the impact presented by exploitation of the Ripple20 vulnerabilities.
For further information:
- CVE-2020-11896
- CVE-2020-11897
- CVE-2020-11898
- CVE-2020-11899
- CVE-2020-11900
- CVE-2020-11901
- CVE-2020-11902
- CVE-2020-11903
- CVE-2020-11904
- CVE-2020-11905
- CVE-2020-11906
- CVE-2020-11907
- CVE-2020-11908
- CVE-2020-11909
- CVE-2020-11910
- CVE-2020-11911
- CVE-2020-11912
- CVE-2020-11913
- CVE-2020-11914
- ICS-CERT Advisory ICSA-20-168-01
- CERT/CC Vulnerability Note VU#257161
- Ripple20: 19 Zero-Day Vulnerabilities Amplified by the Supply Chain (JSOF, 2020)
Remediation steps
Type | Step |
---|---|
Treck has released a security advisory confirming that the Ripple20 vulnerabilities have been addressed in the latest version of their TCP/IP stack, it is highly unlikely that most downstream vendors have integrated this version into their products or systems. Affected organisations are encouraged to contact their relevant suppliers to obtain any updates necessary. The following partial mitigation steps may also be applied where necessary:
Further mitigation guidance can be found here. |
CVE Vulnerabilities
Last edited: 29 June 2021 12:01 pm