Skip to main content

Hitachi

Hitachi Incident Response Team

Hitachi Incident Response Team

HIRT-PUB20002 : Treck TCP/IP Vulnerabilities (Ripple20)

Last Update: August 17, 2020

1. Overview

Treck Inc.'s embedded TCP/IP stack is affected by multiple vulnerabilities.

CVE-2020-11896 CVE-2020-11897 CVE-2020-11898 CVE-2020-11899 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11904 CVE-2020-11905 CVE-2020-11906 CVE-2020-11907 CVE-2020-11908 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-11914

2. Impact

The vulnerabilities range in severity and therefore have varying levels of risk.

3. Solution

Update to the latest stable version of Treck IP stack software.

3.1 Treck Inc.


3.2 ZUKEN ELMIC,INC

KASAGO is one of branches of the Treck's TCP/IP stack.

4. Hitachi Product Information

August 17, 2020

Hitachi Global Life Solutions, Inc. products are not affected by this issue.

June 22, 2020

Under investigation and Published Security Advisory HIRT-PUB20002.

5. References

5.1 Vulnerability Enumeration

5.2 Security Advisories

5.3 Related Information

6. Update history

August 17, 2020
  • Add: Hitachi Product Information
June 22, 2020
  • This webpage was newly created and published.

Masato Terada (HIRT) and Naoko Ohnishi (HIRT)