Critical Vulnerabilities in Treck TCP/IP stack software

by CIRT Team

The JSOF research lab has discovered a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. The 19 vulnerabilities, given the name Ripple20, affect hundreds of millions of devices and include multiple remote code execution vulnerabilities. These vulnerabilities affect Treck TCP/IP stack implementations for embedded systems.

The Treck TCP/IP stack is affected including:

IPv4
IPv6
UDP
DNS
DHCP
TCP
ICMPv4
ARP

Impact:
Successful exploitation of these vulnerabilities may allow remote code execution or exposure of sensitive information.

Mitigations:
Treck recommends users apply the latest version of the affected products (Treck TCP/IP 6.0.1.67 or later versions). To obtain patches, email security@treck.com.

Reference:
https://treck.com/vulnerability-response-information/
https://www.jsof-tech.com/ripple20/
https://www.us-cert.gov/ics/advisories/icsa-20-168-01

CIRT Team

Recommended Posts

Enhancing Situational Awareness on Emerging Cyber Threats

09 Sep 2023 - English articles, News, Security Advisories & Alerts, Uncategorized

UPDATE ON SITUATIONAL ALERT

08 Aug 2023 - Articles, News, Security Advisories & Alerts, Uncategorized

SITUATIONAL ALERT ON CYBER THREATS – August 2023

04 Aug 2023 - Security Advisories & Alerts