Ripple20 zero day put several of devices at higher risk
IoT devices get hacked due to 19 newly discovered vulnerabilities
Researchers reveal new flaws of TCP at the base of many IoT products. It means that billions of internet connected devices are at a huge risk and can also get hacked. According to reports, zero day vulnerabilities Ripple20 states that these flaws can affects hundreds of billions of devices because of the function of arbitrary code that execute on any targeted system.
An attacker could hide malicious code within embedded devices for years. One of the vulnerabilities could enable entry from outside into the network boundaries; and this is only a small taste of the potential risks.
According to these issues, the security flaws affect billions of internet connected devices that are manufactured by various vendors all around the world. This group of flaws resides in low level TCP software developed by Treck. Ion case, if this flaw gets exploited attackers can gain remote access to the targeted computer and take complete control over the system. These entire illegal activities do not require user’s permission to perform any of these tasks.
Devices at risk uses in various industries
The affected library present in the computer used in power grids, aviation and government, industrial fields, national security sectors. These flaws can get exploited and used against people, the damage may be severe especially when devices range from one home to medical, data centers, telecommunication, oil, gas, nuclear, transportation and many others.
The interesting thing about Ripple20 is the incredible extent of its impact, magnified by the supply chain factor. The wide-spread dissemination of the software library (and its internal vulnerabilities) was a natural consequence of the supply chain “ripple-effect”. A single vulnerable component, though it may be relatively small in and of itself, can ripple outward to impact a wide range of industries, applications, companies, and people.
According to experts, all the products using in this library will remain unpatched due to complex software supply chain. The main problem is that library was not used by equipment vendor directly. Other software suites also integrated in this library as many companies are not aware that the particular piece of code is vulnerable.
Some of the Ripple20 software flaws got patched:
Treck Company revealed that patches are now available for all the Ripple20 flaws but there are changes in code configurations. The name for the group of flaws was given depending on the current year 2020 and the ripple effect they can cause in the IoT landscape. Further, all the flaws in this group have different levels of the CVSS score ranging 3.1 to 10 based on the potentially caused damaged:
- CVE-2020-11896. This one can result in remote code execution. Level 10.0.
- CVE-2020-11897. This flaw can trigger possible out-of-bounds. Level 10.0.
- CVE-2020-11898. The vulnerability can result in the exposure of valuable data. Level 9.8.
- CVE-2020-11899. This flaw when used allows exposure of sensitive information. Level 9.8.
- CVE-2020-11900. This is the flaw that can also result in remote code execution. Level 9.3.
- CVE-2020-11901. This bug can result in remote code execution on the targeted device. Level 9.0.