-
Products
-
Loudspeakers
- SHS Series
- In-Ceiling
- Surface Mount
- Pendent Mount Speakers
- IP Speakers
- Sound Masking Speakers
- Subwoofers
- Line Columns & Arrays
-
Speaker Components
- Speaker Drivers
- Transformers
-
Baffles & Back Boxes
- Blind Mount Enclosures
- EZ Mount Enclosures
- General Purpose Baffles
- Vandal Proof
- Q series
- Q Series - Square
- Recessed
- Torsion Baffles & Enclosures
- Cylindrical
- General Purpose Baffles - Square
- Recessed - Square
- Surface Mount Enclosures - Square
- Fire Rated
- 8" Speaker & Analog Clock
- Surface Mount Enclosures
- Mounting Rails
- Mounting Rings & Squares
- T Bar Bridge
- Portable Speakers
- Specialty Speakers
- Life Safety
- Horns
- Sound Masking
- Amplifiers
- GLOBALCOM® Enterprise Communication Ecosystem
- 5400 Series Life Safety Public Address System
- IP Solutions
- DSP / Signal Processors
- AC Power Distribution
- Racks and Cabinets
- Visual Displays
- Microphone & Mic Stands
- Classroom Audio Distribution
- Audio Accessories & Options
- Dante® Enabled Devices
- Buy America Act - Trade Agreements Act
- Discontinued Product
-
Loudspeakers
- Systems
- Industries/Markets
- Support
- Resources
- About Us
-
Products
-
Loudspeakers
- SHS Series
- In-Ceiling
- Surface Mount
- Pendent Mount Speakers
- IP Speakers
- Sound Masking Speakers
- Subwoofers
- Line Columns & Arrays
-
Speaker Components
- Speaker Drivers
- Transformers
-
Baffles & Back Boxes
- Blind Mount Enclosures
- EZ Mount Enclosures
- General Purpose Baffles
- Vandal Proof
- Q series
- Q Series - Square
- Recessed
- Torsion Baffles & Enclosures
- Cylindrical
- General Purpose Baffles - Square
- Recessed - Square
- Surface Mount Enclosures - Square
- Fire Rated
- 8" Speaker & Analog Clock
- Surface Mount Enclosures
- Mounting Rails
- Mounting Rings & Squares
- T Bar Bridge
- Portable Speakers
- Specialty Speakers
- Life Safety
- Horns
- Sound Masking
- Amplifiers
- GLOBALCOM® Enterprise Communication Ecosystem
- 5400 Series Life Safety Public Address System
- IP Solutions
- DSP / Signal Processors
- AC Power Distribution
- Racks and Cabinets
- Visual Displays
- Microphone & Mic Stands
- Classroom Audio Distribution
- Audio Accessories & Options
- Dante® Enabled Devices
- Buy America Act - Trade Agreements Act
- Discontinued Product
-
Loudspeakers
- Systems
- Industries/Markets
- Support
- Resources
- About Us
- HOME /
- Transportation Resources /
- User Groups and Support /
- Tech Notes /
- Network Security: Ripple 20 Vulnerability Analysis
Network Security: Ripple 20 Vulnerability Analysis
Originally published June 24, 2020
Announcements came out in June 2020 of a potential vulnerability in embedded products that could allow them to be taken over and turned into bots, called Ripple 20. A good introduction to this issue was recently published by ZDnet with the headline and byline of:
Ripple20 vulnerabilities will haunt the IoT landscape for years to come
Security researchers disclose 19 vulnerabilities impacting a TCP/IP library found at the base of many IoT products.
The full article is located here: https://www.zdnet.com/article/ripple20-vulnerabilities-will-haunt-the-iot-landscape-for-years-to-come/
The vulnerabilities were discovered by the cybersecurity experts at JSOF, a group at Hebrew University in Jerusalem. Their article on the vulnerabilities goes into more detail, and is located here: https://www.jsof-tech.com/ripple20/
The vulnerabilities are in a network stack library written by a company called Treck that has been widely used since the 90's and could potentially be in any company's products. JSOF provides a Fingerprint Scanning utility that companies can used to evaluate devices on a network. AtlasIED has procured this utility and run it on test system networks in-house in order to check all of our products for this potential vulnerability. JSOF's wording on interpreting the results of the scan is cautious/conservative, saying that a negative results "Indicates that the host might NOT use" the affected network stack software.
AtlasIED ran the Fingerprint Scanning tests using the version 1.3 (dated 6/22/2020) from JSOF and found not positive results, meaning none of our products seem to have the Ripple 20 Vulnerability. The results of the tests are shown in the attached document.
Support Files
