Ripple20 Vulnerabilities Affecting Treck IP Stacks

Original release date: June 16, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of multiple vulnerabilities, known as Ripple20, affecting Treck IP stack implementations for embedded systems. A remote attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following products for additional information and mitigations, and update to the latest stable version of Treck IP stack software (6.0.1.67 or later).

This product is provided subject to this Notification and this Privacy & Use policy.