Security News > 2020 > December > CISA Issues ICS Advisory for New Vulnerabilities in Treck TCP/IP Stack

CISA Issues ICS Advisory for New Vulnerabilities in Treck TCP/IP Stack
2020-12-22 13:47

Security updates available for the Treck TCP/IP stack address two critical vulnerabilities leading to remote code execution or denial-of-service.

A low-level TCP/IP software library, the Treck TCP/IP stack is specifically designed for embedded systems, featuring small critical sections and a small code footprint.

Last week, a series of four new vulnerabilities that Intel's security researchers discovered in the Treck TCP/IP stack were made public.

Learn more about vulnerabilities in industrial systems at SecurityWeek's ICS Cyber Security Conference and SecurityWeek's Security Summits virtual event series.

Just as these new vulnerabilities were publicly disclosed, security firm Forescout announced the release of an open-source script that can help identify the use of TCP/IP stacks vulnerable to the recently disclosed AMNESIA33 set of vulnerabilities.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/XqBVnvG31-Q/cisa-issues-ics-advisory-new-vulnerabilities-treck-tcpip-stack

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Treck 2 0 14 5 5 24