Originally published June 24, 2020
In June 2020, announcements came out of a potential vulnerability in embedded products, called Ripple20, that could allow them to be taken over and turned into bots. A good introduction to this issue was recently published by ZDNet with the following headline and subheading:
Ripple20 vulnerabilities will haunt the IoT landscape for years to come
Security researchers disclose 19 vulnerabilities impacting a TCP/IP library found at the base of many IoT products.
The full article is located here: https://www.zdnet.com/article/ripple20-vulnerabilities-will-haunt-the-iot-landscape-for-years-to-come/
The vulnerabilities were discovered by the cybersecurity experts at JSOF, a group at Hebrew University in Jerusalem. Their article on the vulnerabilities goes into more detail, and is located here: https://www.jsof-tech.com/ripple20/
The vulnerabilities are in a network stack library written by a company called Treck that has been widely used since the 1990s and could potentially be in any company's products. JSOF provides a Fingerprint Scanning utility that companies can use to evaluate devices on a network. AtlasIED has procured this utility and run it on test system networks in-house in order to check all of our products for this potential vulnerability. JSOF's wording on interpreting the results of the scan is cautious and conservative, saying that a negative result "Indicates that the host might NOT use" the affected network stack software.
AtlasIED ran the Fingerprint Scanning tests using version 1.3 (dated 6/22/2020) from JSOF and found no positive results, meaning none of our products seem to have the Ripple20 vulnerability. The results of the tests are shown in the attached document.