Original release date: June 16, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of multiple vulnerabilities, known as Ripple20, affecting Treck IP stack implementations for embedded systems. A remote attacker can exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following products for additional information and mitigations, and update to the latest stable version of Treck IP stack software (6.0.1.67 or later).
- CISA’s Advisory ICSA-20-168-01
- CERT Coordination Center’s Vulnerability Note VU#257161
- Treck’s Vulnerability Response Information
This product is provided subject to this Notification and this Privacy & Use policy.