Ripple20 Vulnerabilities Affect Hundreds of Millions of IoT Devices

Zero-day vulnerabilities have been discovered that could impact millions of IoT devices found in data centers, power grids, and elsewhere.





The flaws, dubbed Ripple20, were detected by the JSOF research lab in a widely used low-level TCP/IP software library developed by Treck, Inc. In research published today, JSOF said Ripple20 includes multiple remote code execution vulnerabilities and affects "hundreds of millions of devices (or more)."





Researchers named the vulnerabilities Ripple20 to reflect their widespread impact, a natural consequence of the supply chain "ripple-effect" through which the software library and its internal flaws were widely disseminated.





"A single vulnerable component, though it may be relatively small in and of itself, can ripple outward to impact a wide range of industries, applications, companies, and people," wrote researchers.





Ripple20 reached critical IoT devices involving a diverse group of vendors from a wide range of industries. Affected vendors range from one-person boutique shops to Fortune 500 multinational corporations, including HP, Schneider Electric, Intel, Rockwell Automation, Caterpillar, and Baxter.





Researchers said many other major international vendors are suspected of being vulnerable in the medical, transportation, industrial control, enterprise, energy (oil/gas), telecom, retail and commerce, and other industries. 





"The risks inherent in this situation are high," wrote researchers. "Data could be stolen off of a printer, an infusion pump behavior changed, or industrial control devices could be made to malfunction." 





By exploiting the flaws, an attacker could hide malicious code within embedded devices for year ..
