Ripple20
As of June 16th 2020, a total of 19 vulnerabilities, collectively called Ripple20, were found within an embedded TCP/IP stack software library. This library, developed by Treck, Inc. was used in the manufacturing chain across all industries and could affect several hundred million devices.
Four vulnerabilities are considered critical and are tracked against CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, and CVE-2020-11901. These four have a CVSS severity score greater than 9 and can lead to remote code execution if weaponized. It is recommended affected devices are updated to the latest Treck stack version 6.0.1.67 or greater.
There are at least 21 confirmed affected vendors including Aruba Networks, Cisco, Dell, Digi International, HP, Intel, as well as several OT device manufacturers, such as Rockwell Automation and Schneider Electric/APC.
*At the time of this case study, Fortra VM and its corresponding security solutions were referred to under the Frontline brand.
UPDATE 7/6/2020: Two checks are now available to identify Ripple20 potentially vulnerable systems in Frontline.Cloud. Please contact Support with any questions or for assistance.