Treck Inc.

Ripple20 is a set of vulnerabilities discovered in 2020 in a software library that implemented a TCP/IP stack. The security concerns were discovered by JSOF, which named the collective vulnerabilities for how one company's code became embedded into numerous products. The software library was created around 1997 and had been implemented by many manufacturers of online devices.


Description

Ripple20 is a set of 19 vulnerabilities discovered in 2020 in a software library developed by the Cincinnati-based company Treck Inc., which implemented a TCP/IP stack.


History

The first release of Treck's library was around 1997. Treck had also worked with Elmic Systems, which created a fork of the library when the companies ended their collaboration. In September 2019, JSOF researchers analyzed a device containing code from the library and discovered it had vulnerabilities. Further analysis determined that the code originated from Treck's library, which had been widely implemented by numerous manufacturers. The disclosure of the vulnerabilities was made in June 2020. Ripple20 was chosen as the name for the set of vulnerabilities based on the disclosure year and the idea that the problems "rippled" through the supply chain from one company. It is difficult to identify all affected devices, because manufacturers may not realize that the library was used in one of their components.


External links

* Vulnerability Response Information, treck.com: https://treck.com/vulnerability-response-information/