CERT/CC Vulnerability Note VU#257161

Overview

Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20.

Description

Treck IP network stack software is designed for and used in a variety of embedded systems. The software can be licensed and integrated in various ways, including compiled from source, licensed for modification and reuse and finally as a dynamic or static linked library. Treck IP software contains multiple vulnerabilities, most of which are caused by memory management bugs. For more details on the vulnerabilities introduced by these bugs, see Treck's Vulnerability Response Information and JSOF's Ripple20 advisory.

Historically-related KASAGO TCP/IP middleware from Zuken Elmic (formerly Elmic Systems) is also affected by some of these vulnerabilities.

These vulnerabilities likely affect industrial control systems and medical devices. Please see ICS-CERT Advisory ICSA-20-168-01 for more information.

Impact

The impact of these vulnerabilities will vary due to the combination of build and runtime options used while developing different embedded systems. This diversity of implementations and the lack of supply chain visibility has exasperated the problem of accurately assessing the impact of these vulnerabilities. In summary, a remote, unauthenticated attacker may be able to use specially-crafted network packets to cause a denial of service, disclose information, or execute arbitrary code.

Solution

Apply updates

Update to the latest stable version of Treck IP stack software (6.0.1.67 or later). Please contact Treck at security@treck.com. Downstream users of embedded systems that incorporate Treck IP stacks should contact their embedded system vendor.

Block anomalous IP traffic

Consider blocking network attacks via deep packet inspection. In some cases, modern switches, routers, and firewalls will drop malformed packets with no additional configuration. It is recommended that such security features are not disabled. Below is a list of possible mitigations that can be applied as appropriate to your network environment.

Normalize or reject IP fragmented packets (IP Fragments) if not supported in your environment
Disable or block IP tunneling, both IPv6-in-IPv4 or IP-in-IP tunneling if not required
Block IP source routing and any IPv6 deprecated features like routing headers (see also VU#267289)
Enforce TCP inspection and reject malformed TCP packets
Block unused ICMP control messages such MTU Update and Address Mask updates
Normalize DNS through a secure recursive server or application layer firewall
Ensure that you are using reliable OSI layer 2 equipment (Ethernet)
Provide DHCP/DHCPv6 security with feature like DHCP snooping
Disable or block IPv6 multicast if not used in switching infrastructure

Further recommendations are available here.

Detect anomalous IP traffic

Suricata IDS has built-in decoder-event rules that can be customized to detect attempts to exploit these vulnerabilities. See the rule below for an example. A larger set of selected vu-257161.rules are available from the CERT/CC Github repository.

#IP-in-IP tunnel with fragments
alert ip any any -> any any (msg:"VU#257161:CVE-2020-11896, CVE-2020-11900 Fragments inside IP-in-IP tunnel https://kb.cert.org/vuls/id/257161"; ip_proto:4; fragbits:M; sid:1367257161; rev:1;)

Acknowledgements

Moshe Kol and Shlomi Oberman of JSOF https://jsof-tech.com researched and reported these vulnerabilities. Treck worked closely with us and other stakeholders to coordinate the disclosure of these vulnerabilities.

This document was written by Vijay Sarvepalli.

Vendor Information

257161

Filter by status:

Filter by content: Additional information available

Sort by:

Expand all

Aruba Networks Affected

Updated: 2022-09-20

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

Please see updated information about Aruba/ HPE products in regards to the Ripple20 vulnerabilities - ARUBA-PSA-2020-006

References

Baxter US Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

Please see the Baxter bulletin link in References section

References

B. Braun Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

References

https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/Skyline%20Response_Outlook_6.9.2020_FINAL1.pdf

CERT Addendum

B. Braun provide information via "Important information about our products and services" section of their website. Braun has mentioned this as Skyline/2020 vulnerability.

Brother USA Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

It was discovered that multiple potential vulnerabilities exist in the networking stack used in Brother products.

References

CERT Addendum

Please see references in both English and Japanese provided by Brother

CareStream Affected

Notified: 2020-08-19 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

For details on Carestream's affected products, please see the Ripple20 Product Security Advisory.

References

Caterpillar Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

CERT Addendum

ICS-CERT has communicated with Caterpillar and has confirmed this vulnerability. Please see ICS CERT announcement https://www.us-cert.gov/ics/advisories/icsa-20-168-01

Cisco Affected

Notified: 2020-05-04 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

The list of confirmed products are under the "Vulnerable Products" section of the advisory.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC

Dell Affected

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

Please reference the Dell Security Notice link provided in the references section.

References

Digi International Affected

Notified: 2020-05-21 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

References

https://www.digi.com/resources/security

CERT Addendum

Please look for an announcement from Digi on Treck's vulnerabilities being addresses.

Eaton Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

References

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-security-bulletin-treck-tcp-ip-stack-vulnerabilities-ripple20.pdf

CERT Addendum

Please see Eaton Advisory in 2020 section

Fujitsu Affected

Updated: 2020-09-30

Statement Date: June 26, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Please reference the Fujitsu PSIRT (CEE, NWE, UK&I) Security Advisory link provided in the references section.

References

CERT Addendum

Please visit JPCERT status page for Fujitsu's status https://jvn.jp/vu/JVNVU94736763/index.html

Green Hills Software Affected

Notified: 2020-07-10 Updated: 2020-06-25

Statement Date: July 10, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

Green Hills Software LLC’s GHnet™ v2 network stack is based on the network stack from Treck Inc. Treck informed Green Hills Software of multiple vulnerabilities in its network stack, which were found by a third party.

While GHnet v2 is based on Treck’s network stack, the two are not identical. Green Hills Software has made many improvements, added new features, and fixed bugs in the product. Because of these improvements and INTEGRITY’s separation kernel architecture, the impact of these vulnerabilities on GHnet v2 is far less severe.

Green Hills Software has and will continue to advocate for running middleware, driver, and application code in partitioned virtual address spaces, rather than in the kernel. The INTEGRITY Real-Time Operating System was designed to provide isolation between applications and the kernel, protecting the rest of the system if an application fails or misbehaves. Due to the isolation provided by INTEGRITY, running the GHnet v2 stack in a virtual address space significantly reduces the impact of these vulnerabilities. Green Hills Software strongly recommends that the GHnet v2 network stack, all other middleware, and all application code be placed in separate virtual address spaces.

Green Hills Software will include fixes for these vulnerabilities in future releases of GHnet v2, and is making patches available to customers on previous releases. If you have questions about how these vulnerabilities may affect your system, please contact your Green Hills Software sales representative, or contact Green Hills Software Technical Support.

References

https://support.ghs.com/psirt/PSA-2020-05/

Hewlett Packard Enterprise Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

Please see HPE official link for information about ripple20 from HPE in the references section. For HPE's Aruba specific devices please see Aruba advisory PSA-2020-006.

References

HP Inc. Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

HP Security Bulletin ID c06655639 addresses Treck's vulnerability inherited through Intel. HP Security Bulletin c06640149 addresses HP and Samsung branded products that are impacted from Treck's embedded IP stack.

Intel Affected

Notified: 2020-06-05 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Please visit Intel's public security advisory SA-00295 for information.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html

CERT Addendum

Please check Intel's advisory that provides mapping relevant mapping to Treck's CVE listed in this advisory.

Mitsubishi Electric Corporation Affected

Updated: 2020-09-25

Statement Date: September 25, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We have published an advisory on our official website. We are continuing to investigate impacts of this vulnerability for our products. We will update the advisory as needed.

References

https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-010_en.pdf

Ricoh Company Ltd. Affected

Updated: 2020-06-25

Statement Date: July 31, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

References

https://www.ricoh-usa.com/en/support-and-download/alerts/alerts-security-vulnerability-announcements

CERT Addendum

Ricoh has provided a public statement on Treck IP Stacks vulnerabilities, please use the link provided above.

Rockwell Automation Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

See Rockwell's advisory https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1126896

References

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1126896

Schneider Electric Affected

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

Schneider has provided a security advisory SESB-2020-168-01 addressing this issue.

References

Teradici Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

Teradici has issued a security advisory (TERA-SA-000056) and has addressed this issue with updated firmware for Tera2 PCoIP Zero Clients and PCoIP Remote Workstation cards.

References

https://advisory.teradici.com/security-advisories/56/

Toshiba Corporation Affected

Updated: 2020-07-03

Statement Date: August 19, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We are continuing to investigate impacts of this vulnerability for some products. We will contact the related customers.

Treck Affected

Notified: 2020-04-03 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

Treck's customers can contact us for additional details than what is in the advisory.

References

https://treck.com/vulnerability-response-information/

Xerox Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

References

https://security.business.xerox.com/wp-content/uploads/2020/06/cert_Security_Mini_Bulletin_XRX20J_for_B2XX.pdf

CERT Addendum

Please see Xerox advisory mini bulletin XRX20J dated June 16,2020

Zuken Elmic Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Affected

CVE-2020-11897

Affected

CVE-2020-11898

Affected

CVE-2020-11899

Affected

CVE-2020-11900

Affected

CVE-2020-11901

Affected

CVE-2020-11902

Affected

CVE-2020-11903

Affected

CVE-2020-11904

Affected

CVE-2020-11905

Affected

CVE-2020-11906

Affected

CVE-2020-11907

Affected

CVE-2020-11908

Affected

CVE-2020-11909

Affected

CVE-2020-11910

Affected

CVE-2020-11911

Affected

CVE-2020-11912

Affected

CVE-2020-11913

Affected

CVE-2020-11914

Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

Please see ELMIC's statement provided in References. Note that this product is also known as KASAGO TCP/IP.

Afero Not Affected

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Afero does not currently use Treck's TCP/IP stack

CERT Addendum

There are no additional comments at this time.

Apple Not Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Apple products are not impacted by this issue.

BlackBerry Not Affected

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Blackberry QNX Not Affected

Notified: 2020-08-27 Updated: 2020-06-25

Statement Date: August 27, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Check Point Not Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Check Point is not vulnerable to the Ripple20 vulnerabilities as we don't use Treck IP stack.

References

https://www.checkpoint.com/advisories/

Dell EMC Not Affected

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Please reference the Dell Security Notice link provided in the references section.

References

IBM Not Affected

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

IBM has found no impact to these vulnerabilities

LANCOM Systems GmbH Not Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

LANCOM Systems products are not vulnerable to these vulnerabilities. Further information can be found on our website https://www.lancom-systems.de/service-support/soforthilfe/allgemeine-sicherheitshinweise/

References

https://www.lancom-systems.de/service-support/soforthilfe/allgemeine-sicherheitshinweise/

Medtronic Not Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Please refer to the Medtronic Security Bulletin linked in the references section below.

References

https://global.medtronic.com/xg-en/product-security/security-bulletins/ripple20-vulnerabilities.html

NetApp Not Affected

Updated: 2020-07-30

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

References

https://security.netapp.com/advisory/ntap-20200625-0006/

NVIDIA Not Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

NVIDIA is not affected by these vulnerabilities.

References

https://www.nvidia.com/en-us/security/

Philips Electronics Not Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Philips analysis revealed that we have one product vulnerable to Treck TCP/IP stack vulnerability, however, it is not yet released to the market.

References

https://www.philips.com/security

QNAP Not Affected

Notified: 2020-10-06 Updated: 2020-10-08

Statement Date: October 08, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

The products of QNAP does not include IP stacks from Treck embedded software.

Sierra Wireless Not Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Sierra Wireless Inc. products are not affected by this vulnerability.

References

https://www.sierrawireless.com/company/security/

SonicWall Not Affected

Notified: 2020-05-07 Updated: 2021-02-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

CERT Addendum

Sonicwall has mentioned that Treck stack is not in use in their SonicOS https://community.sonicwall.com/technology-and-support/discussion/931/about-ripple20

Synology Not Affected

Notified: 2020-06-17 Updated: 2020-06-25

Statement Date: June 18, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Please see Synology advisory Synology-SA-20:15

References

https://www.synology.com/security/advisory/Synology_SA_20_15

Systech Not Affected

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

This does not apply to Systech. We do not use Treck in any of our products.

CERT Addendum

There are no additional comments at this time.

Technicolor Not Affected

Notified: 2020-06-15 Updated: 2020-06-25

Statement Date: June 15, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

None of Technicolor products embeds Treck IP software stack. This includes the products transferred in 2015 from acquisition of Cisco Connected Devices Division.

Texas Instruments Not Affected

Notified: 2020-05-14 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

The TI Product Security Incident Response Team has conducted an analysis and concluded that TI's products are not impacted by the potential vulnerabilities reported by Treck Inc. The TI PSIRT could not identify any hardware or software products from TI that make use of or contain the Treck Inc. embedded software TCP/IP stack.

References

Wind River Not Affected

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

CERT Addendum

There are no additional comments at this time.

Xilinx Not Affected

Notified: 2020-07-10 Updated: 2020-06-25

Statement Date: August 17, 2020

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

Xilinx is not affected by these vulnerabilities.

References

Zyxel Not Affected

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Not Affected

CVE-2020-11897

Not Affected

CVE-2020-11898

Not Affected

CVE-2020-11899

Not Affected

CVE-2020-11900

Not Affected

CVE-2020-11901

Not Affected

CVE-2020-11902

Not Affected

CVE-2020-11903

Not Affected

CVE-2020-11904

Not Affected

CVE-2020-11905

Not Affected

CVE-2020-11906

Not Affected

CVE-2020-11907

Not Affected

CVE-2020-11908

Not Affected

CVE-2020-11909

Not Affected

CVE-2020-11910

Not Affected

CVE-2020-11911

Not Affected

CVE-2020-11912

Not Affected

CVE-2020-11913

Not Affected

CVE-2020-11914

Not Affected

CVE-2020-8674

Unknown

Vendor Statement

With a thorough investigation, Zyxel confirms that their products are NOT affected because they do not use any Treck packages.

Broadcom Unknown

Notified: 2020-05-14 Updated: 2021-02-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

CERT Addendum

Broadcom APM is not affected by these vulnerabilities. Broadcom's reference can be found at https://knowledge.broadcom.com/external/article/194508/apm-impact-of-ripple20-vulnerability.html

Avaya Unknown

Updated: 2020-08-06

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

BAE Systems Unknown

Notified: 2020-05-04 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Blunk Microsystems Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Cesanta Unknown

Notified: 2020-08-28 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Citrix Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Contiki OS Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Dataprobe, Inc. Unknown

Notified: 2021-07-13 Updated: 2022-09-20

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell SecureWorks Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Diebold Election Systems Unknown

Notified: 2020-08-31 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

D-Link Systems Inc. Unknown

Notified: 2020-08-19 Updated: 2020-08-20

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Elmic Systems Unknown

Updated: 2020-06-16

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Extreme Networks Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

HMS Networks AB Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM Corporation (zseries) Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Kwikset Unknown

Notified: 2020-09-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Linksys Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

LITE-ON Technology Corporation Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Lynx Software Technologies Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

McCain Inc Unknown

Updated: 2020-09-30

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Micrium Unknown

Notified: 2020-09-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Monroe Electronics Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Motorola Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

NEC Corporation Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

OleumTech Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

OMRON Industrial Automation Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Panasonic Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Polycom Inc. Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Roku Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Sharp Electronics Corporation Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

SimCom Wireless Unknown

Notified: 2020-05-14 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Sony Unknown

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Tizen Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

TRENDnet Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubuntu Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Verifone Unknown

Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Verizon Unknown

Updated: 2020-07-03

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vocera Unknown

Notified: 2020-05-14 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

Zephyr Project Unknown

Notified: 2020-05-07 Updated: 2020-06-25

CVE-2020-0594

Unknown

CVE-2020-0595

Unknown

CVE-2020-0597

Unknown

CVE-2020-11896

Unknown

CVE-2020-11897

Unknown

CVE-2020-11898

Unknown

CVE-2020-11899

Unknown

CVE-2020-11900

Unknown

CVE-2020-11901

Unknown

CVE-2020-11902

Unknown

CVE-2020-11903

Unknown

CVE-2020-11904

Unknown

CVE-2020-11905

Unknown

CVE-2020-11906

Unknown

CVE-2020-11907

Unknown

CVE-2020-11908

Unknown

CVE-2020-11909

Unknown

CVE-2020-11910

Unknown

CVE-2020-11911

Unknown

CVE-2020-11912

Unknown

CVE-2020-11913

Unknown

CVE-2020-11914

Unknown

CVE-2020-8674

Unknown

Vendor Statement

We have not received a statement from the vendor.

View all 85 vendors View less vendors

References

Other Information

CVE IDs:	CVE-2020-0594 CVE-2020-0595 CVE-2020-0597 CVE-2020-11896 CVE-2020-11897 CVE-2020-11898 CVE-2020-11899 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11904 CVE-2020-11905 CVE-2020-11906 CVE-2020-11907 CVE-2020-11908 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-11914 CVE-2020-8674
API URL:	VINCE JSON \| CSAF
Date Public:	2020-06-16
Date First Published:	2020-06-16
Date Last Updated:	2022-09-20 01:54 UTC
Document Revision:	48

Software Engineering Institute

CERT Coordination Center

Treck IP stacks contain multiple vulnerabilities

Vulnerability Note VU#257161

Overview

Description

Impact

Solution

Apply updates

Block anomalous IP traffic

Detect anomalous IP traffic

Acknowledgements

Vendor Information

Aruba Networks Affected

Vendor Statement

References

Baxter US Affected

Vendor Statement

References

B. Braun Affected

Vendor Statement

References

CERT Addendum

Brother USA Affected

Vendor Statement

References

CERT Addendum

CareStream Affected

Vendor Statement

References

Caterpillar Affected

Vendor Statement

CERT Addendum

Cisco Affected

Vendor Statement

References

Dell Affected

Vendor Statement

References

Digi International Affected

Vendor Statement

References

CERT Addendum

Eaton Affected

Vendor Statement

References

CERT Addendum

Fujitsu Affected

Vendor Statement

References

CERT Addendum

Green Hills Software Affected

Vendor Statement

References

Hewlett Packard Enterprise Affected

Vendor Statement

References

HP Inc. Affected

Vendor Statement

References

CERT Addendum

Intel Affected

Vendor Statement

References

CERT Addendum

Mitsubishi Electric Corporation Affected

Vendor Statement

References

Ricoh Company Ltd. Affected

Vendor Statement

References

CERT Addendum

Rockwell Automation Affected

Vendor Statement

References

Schneider Electric Affected

Vendor Statement

References

Teradici Affected

Vendor Statement