Critical Vulnerabilities in Treck TCP/IP stack software

Published on 17 Jun 2020

Updated on 17 Jun 2020

Security researchers discovered 19 vulnerabilities in the TCP/IP software library developed by Treck, Inc. Collectively referred to as "Ripple20", 4 out of the 19 vulnerabilities are rated as critical. These vulnerabilities affect Treck TCP/IP stack implementations for embedded systems.

 

Successful exploitation of these vulnerabilities could allow an attacker to execute code remotely and take control of an affected system.

 

Vendors of affected products are advised to update to the latest version of Treck TCP/IP stack software (6.0.1.67 or later) immediately.

 

Users are encouraged to reach out to their device vendors for support and updates if available.

 

More information is available at:

https://www.jsof-tech.com/ripple20/

https://treck.com/vulnerability-response-information/