Security News > 2020 > June > ‘Ripple20’ Bugs Impact Hundreds of Millions of Connected Devices

‘Ripple20’ Bugs Impact Hundreds of Millions of Connected Devices
2020-06-16 16:22

A series of 19 different vulnerabilities, four of them critical, are affecting hundreds of millions of internet of things and industrial-control devices.

Researchers at JSOF uncovered the faulty part of Treck's code, which is built to handle the ubiquitous TCP-IP protocol that connects devices to networks and the internet, in the devices of more than 10 different manufacturers-and it's likely present in dozens more.

If properly exploited, data could be stolen off of a printer, a medical device's behavior could be tampered with, or industrial control devices could be made to malfunction.

Effective exploitation can lead to a host of bad outcomes, the research firm warned, such as remote takeover of devices and lateral movement within the compromised network; broadcast attacks that can take over all impacted devices in the network simultaneously; hiding within an infected device for stealthy recon; and bypassing network address traversal protections.

Based on CERT/CC and CISA ICS-CERT advisories, if gear can't be patched, admins should minimize network exposure for embedded and critical devices, ensuring that devices are not accessible from the Internet unless absolutely essential.


News URL

https://threatpost.com/millions-connected-devices-ripple20-bugs/156599/