Ordr Appoints Wes Wright as Chief Healthcare Officer Read more here!
Go back to blogs

Ripple20 Update!

On Dec-18 Intel reported four more vulnerabilities on Treck TCP/IP stack on top of 19 more vulnerabilities found by JSOF early this year. The four vulnerabilities are:

CVE-2020-25066, Heap-based buffer overflow with a CVSS V3 base score of 9.8

CVE-2020-27337, Out-of-bounds write with a CVSS V3 score of 9.1

CVE-2020-27338, Out-of-bounds read with a CVSS V3 score of 5.9

CVE-2020-27336, Out-of-bounds read with a CVSS V3 score of 3.7

Ordr did extensive work to not only help identify devices impacted by the Ripple20 vulnerabilities but also detect any active exploitations happening. Please refer to the previous document published on how Ordr can help with Ripple20 vulnerabilities – https://ordr.net/security-bulletin/how-ordr-detects-and-mitigates-ripple20

As of now only one manufacturer has published the new vulnerabilities with a list of impacted products and the Treck official page acknowledged these new vulnerabilities. Treck also refers the CERT coordination center advisory which lists the same set of devices that was identified by the previous advisory implying that it’s in the common code base.

Based on the advisories, Ordr extends the capability to cover the new vulnerabilities as well. In summary, Ordr provides detection and protection in three different ways,

  1. Identify devices that are impacted by Ripple20 based on manufacturer advisories.
  2. Ordr does understand that a significant percentage of devices may never be publicly identified as Ripple20 impacted due to various reasons. Ordr developed an in-built scanner which can detect if a device is impacted by these Ripple20 vulnerabilities.
  3. Ordr has an in-built IDS engine. Specific signatures were developed to detect any active exploitation of these vulnerabilities. Alarms will be generated and can be pushed to a SIEM platform for immediate action.

Finally, the best way to protect the organization is behavior based microsegmentation. Ordr provides the industry leading microsegmentation solution with variety of options based on customer needs.

For more information on how Ordr can help you identify and manage vulnerabilities for any connected device, please contact info@ordr.net.

Prasanna Rajendiran

Prasanna Rajendiran has more than 20 years of experience in various engineering, solutions architect, product management and customer success roles with a focus in telecommunications and security. At Ordr, Prasanna serves as a Principal where he is responsible for working with customers in their complex environments and internally to develop cutting edge solutions.

Follow by Author

Get Your Devices in Ordr

Request a Demo

Let our product experts show you how Ordr addresses your critical use cases.

Get A Demo

Request an Assessment

Get a no-obligation, free assessment for your business. Identify assets and the risks they bring.

Get an Assessment