Miten tämä tapaus vaikuttaa Elisan tuotteisiin, laitteistoihin ym. Onko esim. netgem digiboxeissa Treck firman koodia? Myös osassa ciscon verkkolaitteissa on tätä haavoivuttuviiksille altistavaa koodia.
Laajalle alueelle ulottuva ongelma jonka takana on kahden hengen firman tuottama koodi, joka on levinnyt 23 vuotta eri valmistajien kautta sulautteuihin järjestelmiin, esim. HP-printterit, sairaalalaitteisiin, teollisuuden laitteistot ja voi vaikuttaa voimaloihin, lentokone-teollisuuden ym. tuotantoketjuihin.
AIka uskomaton tapaus. Jos olisi ollut avointa koodia, olisi varmasti joku huomannut aikaisemmin.
Ripple20 poses a significant risk from the devices still in use. Potential risk scenarios include:
An attacker from outside the network taking control over a device within the network, if internet facing.
• An attacker who has already managed to infiltrate a network can use the library vulnerabilities to target specific devices within it.
• An attacker could broadcast an attack capable of taking over all impacted devices in the network simultaneously.
• An attacker may utilize affected device as a way to remain hidden within the network for years
• A sophisticated attacker can potentially perform an attack on a device within the network, from outside the network boundaries, thus bypassing NAT configurations. This can be done by performing a MITM attack or a dns cache poisoning.
• In some scenarios, an attacker may be able to perform attacks from outside the network by replying to packets that leave network boundaries, bypassing NAT
In all scenarios, an attacker can gain complete control over the targeted device remotely, with no user interaction required.
Varmistetut valmistajat joihin vaikuttaa.
Aruba Networks | HCL Tech | Zuken Elmic |
B. Braun | HP | |
Baxter | HPE | |
CareStream | Intel | |
Caterpillar | Maxlinear | |
Cisco | Opto22 | |
Dell | Rockwell Automation | |
Digi International | Schneider Electric/APC | |
Eaton | Teradici | |
Green Hills Software | Xeroex |
Haavoittuvuuden löytänyt firma:
https://www.jsof-tech.com/ripple20/
https://www.jsof-tech.com/ripple20/#ripple-riskmitigation
Iloisen yllätyksen maailmaille tuottanut firma:
https://treck.com/