Treck Inc put Internet of Things in peril

July 15, 2020
treck inc ripple20 vulnerability software vulnerabilities assessment iot internet of things

You probably never heard of IoT or perhaps came across the term, and you might have never really known what it was. The  Internet of Things, aka IoT, is connecting any machine capable of connecting to the internet. Research from different experts shows that by 2021 there will be over 26 billion connected devices globally.


What exactly is Ripple20? 

It is a set of 19 vulnerabilities potentially affecting millions of devices utilizing the famous Treck embedded IP stack company and software. Companies that use Treck are HP, Schneider Electric, Intel, Rockwell Automation, Caterpillar, Baxter, just to name a few. The main issue here is that the stack is sold and then resold down as a supply chain, causing a lot of other products to use the stack without being aware.


Four known flaws of Ripple20

  • CVE-2020-11896 (critical rating 10)
  • CVE-2020-11897 (critical rating 10)
  • CVE-2020-11901 (critical rating 9)
  • CVE-2020-11898 (critical rating 9.1)


The vulnerabilities listed above can allow attackers to hijack Internet of Things devices and any industrial or healthcare equipment. If properly executed, data can be exfiltrated off a printer, or an industrial IoC controlled device could be made to malfunction. Most of the flaws are enough for botnet operators to conduct sophisticated phishing attacks, but they can also be used for targeted attacks.


Preventive Measures for Internet of Things

  1. Apply the latest software version of the affected products
  2. Setup minimal network exposure of embedded and critical devices, to make sure that these devices have limited internet access unless they are needed to prevent intrusion.
  3. Isolate operational technology network and devices this may apply to industrial systems, segregate these networks behind firewalls – away from critical business networks.
  4. Filter traffic data coming into your business network to preempt signs of compromise.


Remember, any device that is not secured is prone to abuse from threat actors. Some might say that “do not hate the coder but hate the code.”, as much as we want to disagree, those with the criminal minds will stop at nothing. Be it out of curiosity to a professional hack job, the vulnerabilities and security gap can always be traced back to the creator. It is the developer of the device that is responsible for securing their work. Nowadays, security must be considered as an essential part of planning when it comes to the life cycle of hardware devices and software.


About the author

Leave a Reply