Ripple20

Ripple20 is a set of vulnerabilities discovered in 2020 in a software library that implemented a TCP/IP stack. The security concerns were discovered by JSOF, which named the collective vulnerabilities for how one company's code became embedded into numerous products.

Description[edit]

Ripple20 is a set of 19 vulnerabilities discovered in 2020 in a software library developed by the Cincinnati-based^[1] company Treck Inc., which implemented a TCP/IP stack.^[2]

History[edit]

The first release of Treck's library was around 1997.^[1] Treck had also worked with Elmic Systems, which created a fork of the library when the companies ended their collaboration.^[3] In September 2019, JSOF researchers analyzed a device containing code from the library and discovered it had vulnerabilities. Further analysis determined that the code originated from Treck's library, which had been widely implemented by numerous manufacturers.^[3] The disclosure of the vulnerabilities was made in June 2020.^[4]^[5]^[6]^[7] Ripple20 was chosen as the name for the set of vulnerabilities based on the disclosure year and the idea that the problems "rippled" through the supply chain from one company.^[2]^[8] It is difficult to identify all affected devices, because manufacturers may not realize that the library was used in one of their components.^[9]

References[edit]

^ ^a ^b Catalin Cimpanu (2018-08-21). "Ripple20 vulnerabilities will haunt the IoT landscape for years to come". ZDNet. Retrieved 2020-07-02.
^ ^a ^b Andy Greenberg (2020-06-16). "Ripple20 Bugs Put Hundreds of Millions of IoT Devices at Risk". WIRED. Retrieved 2020-07-02.
^ ^a ^b "disclosure". jsof-tech.com. Retrieved 2020-07-02.
^ "Ripple20 Threatens Increasingly Connected Medical". Darkreading.com. Retrieved 2020-07-02.
^ "This Week In Security: Bitdefender, Ripple20, Starbucks, And Pwned Passwords". Hackaday. 2020-06-26. Retrieved 2020-07-02.
^ "List of Ripple20 vulnerability advisories, patches, and updates". Bleepingcomputer.com. 2020-06-25. Retrieved 2020-07-02.
^ "Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020". Tools.cisco.com. 2020-06-16. Retrieved 2020-07-02.
^ "Overview". jsof-tech.com. Retrieved 2020-07-02.
^ Jon Gold. "Ripple20 TCP/IP flaws can be patched but still threaten IoT devices". Network World. Retrieved 2020-07-02.

External links[edit]

"Vulnerability Response Information". treck.com.

[zdnet1-1] Catalin Cimpanu (2018-08-21). "Ripple20 vulnerabilities will haunt the IoT landscape for years to come". ZDNet. Retrieved 2020-07-02.

[wired1-2] Andy Greenberg (2020-06-16). "Ripple20 Bugs Put Hundreds of Millions of IoT Devices at Risk". WIRED. Retrieved 2020-07-02.

[jsof-tech1-3] "disclosure". jsof-tech.com. Retrieved 2020-07-02.

[4] "Ripple20 Threatens Increasingly Connected Medical". Darkreading.com. Retrieved 2020-07-02.

[5] "This Week In Security: Bitdefender, Ripple20, Starbucks, And Pwned Passwords". Hackaday. 2020-06-26. Retrieved 2020-07-02.

[6] "List of Ripple20 vulnerability advisories, patches, and updates". Bleepingcomputer.com. 2020-06-25. Retrieved 2020-07-02.

[7] "Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020". Tools.cisco.com. 2020-06-16. Retrieved 2020-07-02.

[8] "Overview". jsof-tech.com. Retrieved 2020-07-02.

[9] Jon Gold. "Ripple20 TCP/IP flaws can be patched but still threaten IoT devices". Network World. Retrieved 2020-07-02.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]