Ripple20 Zero-Day Vulnerability Announced

Israeli-based cybersecurity company JSOF discovered a suite of vulnerabilities, dubbed Ripple20, in a critical subsystem created by Treck, Inc. This subsystem is commonly integrated into many major technology vendors’ network controllers. These devices can be anything from network-connected UPS (Uninterruptible Power Supply) and printers to medication pumps and SCADA controllers.

The Ripple20 vulnerability suite allows an attacker to use these internet-connected devices to gain remote access to the vulnerable device, set up shop, and use the compromised device to pivot to any number of other internal devices, computers, or servers on your network. As cybersecurity expert Steve Gibson said, “The Internet’s already target-rich environment just got a whole lot richer.” He also noted that a network firewall may not fully protect your devices from this vulnerability, depending on its configuration and how the device is configured to work.

Due to the popularity of Treck’s subsystem by hardware and integrated systems manufacturers, the number of affected devices easily reaches into the BILLIONS.

Industries Potentially Affected by Ripple20

JSOF responsibly reported this vulnerability to Treck, who in turn fixed the issues in a new version of their software, which was released to their customers. Many vendors have already released advisories and updates for their systems and hardware, most of which will require manual updates to ensure that systems are no longer vulnerable. Popular computer blog Bleeping Computer has compiled a list of these advisories and updates, which you can find here. (This is by no means a comprehensive list. Readers should consult their network-connected device vendors’ websites over the next few weeks to ensure that there are no outstanding updates for their devices.)

As companies and individuals purchase more and more internet-connected devices and add them to their network, the risk to network security increases. These devices must be monitored and maintained to ensure that they are up-to-date with the latest security releases from their manufacturers. A managed network solutions provider or IT consultant, like Evolution Networks, can find and remediate these vulnerabilities for you, as well as set up your company’s network to slow the spread of any potential intrusion.

Contact Evolution Networks today for a free consultation for new clients!