Ripple20 : The Set Of Vulnerabilities

  • Home
  • /
  • Ripple20 : The Set Of Vulnerabilities

Share

Share on whatsapp
Share on facebook
Share on twitter
Share on linkedin
Share on email

 In 2020 a small cybersecurity research company has found a set of 19 vulnerabilities that were originated from Treck Internet Protocol library. The vulnerabilities have affected different manufacturers as it was used in their components.

Ripple 20wattlecorp-blog-ripple20-cybersecurity

JSOF has declared information on a group of vulnerabilities known as Ripple20. They have the potential to impact millions of IoT devices across different industries. Some of them are delicate machines in medical, transportation, manufacturing industries, etc. These vulnerabilities were seen in an American software Treck Inc. This software uses a lightweight TCP/IP stack and allows companies to connect their devices or software to the internet via TCP/IP connections. The software has been used by different manufacturers and because of this, the impact was widespread.

Read More: What happened in the Twitter Attack?

Problems of Ripple20cybersecurity-ethicalhacking-blog-ripple20

Ripple 20 led the hackers to access vulnerable devices through local networks or over the internet and can take control of devices. One of the vulnerability is a DNS protocol where a hacker can attack devices that are not connected to the internet. Other possible attacks defined by JSOF, include the use of vulnerable devices to target other devices in a network, utilizing the vulnerable device to act hidden in-network, and broadcasting an attack to take control of all infected devices in the network, etc..Four of the Ripple20 vulnerabilities are critical, with CVSS (common vulnerability scoring system) scores over 9 and enable Remote Code Execution. Treck has released a security update addressing these vulnerabilities.

Read More

All About Bug Bounty Hunting

 Solutions against Ripple20ripple20-set-of-vulnerabilities-ethicalhacking-cybersecurity-wattlecorp-blog

To avoid Ripple20 Vulnerabilities, detection is one of the major steps.

Products like EdgeIPSTM and EdgeFireTM can help owners find Ripple 20 vulnerabilities through network traffic scanning. Try to block abnormal IP traffic. The users take protective measures against these vulnerabilities by installing updates from Treck, minimizing network exposure, implementing firewalls, using virtual private networks, and internal DNS servers.

Contributors :

Share

Share on whatsapp
Share on facebook
Share on twitter
Share on linkedin
Share on email

Join a secure newsletter.

Secure, disturbance free and spam-free

Leave a Comment

Your email address will not be published. Required fields are marked *