barox Kommunikation has confirmed that devices in its RY-28 Series Managed Ethernet switch range can be configured to protect security networks and third-party devices, such as cameras and servers, from Ripple20 cyber attacks. A set of 19 vulnerabilities in a low-level TCP/IP software library, Ripple20 poses a threat to IoT devices and, if weaponised, could allow hackers to gain control over targeted devices without requiring any user interaction.
Discovered by JSOF research lab, Ripple20 is a series of zero-day vulnerabilities in TCP/IP stacks that are widely embedded in IoT devices. The vulnerabilities are found in a proprietary, fully featured TCP/IP communication stack designed for embedded devices and real-time operating systems.
It is not known which embedded TCP/IP stacks are vulnerable. Affected IoT, USB and server devices are widespread, right down to printers, light bulbs and smart metering.
It has been stated that Ripple20 flaws ‘put billions of internet connected devices at risk of hacking.’ Ripple20 has been discovered in home, consumer, enterprise, telecom, nuclear, transportation and oil and gas devices across critical infrastructure, with real-time embedded protocols and embedded device adoption dating back to 1997. Furthermore, a single compromised component could allow an attack to ripple out to other network devices. Devices can be made to malfunction, and major international vendors are affected.
Highlighting the issue to system designers, Rudolf Rohr, barox co-founder and managing partner, stated, ‘To protect devices and networks from Ripple20 vulnerabilities, you need to have a purpose-specific filter configured to never accept fragmented UDP. With the barox RY-28 Series switch, deep cyber protection can be configured to automatically detect and stop fragmented UDP via its built-in Access Control List (ACL) switch menu options. This blocks fragmented UDP and protects networks and their devices, such as IP cameras, VMS and servers, from illegal access.’
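The rule described in the quote above, dropping every fragment of a UDP datagram, written out as a packet classifier. This is an added example, not barox code or RY-28 ACL syntax; the function names, addresses and sample packets are constructed for illustration, and it covers IPv4 only.

```python
import struct

IPPROTO_UDP = 17
MF_FLAG = 0x2000      # "more fragments" bit in the flags/offset word
OFFSET_MASK = 0x1FFF  # fragment offset, in 8-byte units


def build_ipv4(proto, payload, mf=False, offset_units=0):
    """Construct a sample IPv4 packet (checksum left at 0, unused here)."""
    flags_frag = (MF_FLAG if mf else 0) | (offset_units & OFFSET_MASK)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                         0x1234, flags_frag, 64, proto, 0,
                         bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return header + payload


def acl_decision(packet):
    """Return 'deny' for any fragment of a UDP datagram, else 'permit'."""
    if not packet or packet[0] >> 4 != 4:
        return "permit"   # not IPv4: outside the scope of this rule
    ihl = (packet[0] & 0x0F) * 4
    if len(packet) < 20 or ihl < 20 or len(packet) < ihl:
        return "deny"     # truncated or malformed header: fail closed
    flags_frag = struct.unpack_from("!H", packet, 6)[0]
    fragmented = bool(flags_frag & MF_FLAG) or (flags_frag & OFFSET_MASK) != 0
    # Match on the IP protocol field only: non-first fragments carry no UDP
    # header, so a rule keyed on UDP ports would let them through.
    if packet[9] == IPPROTO_UDP and fragmented:
        return "deny"
    return "permit"


def samples():
    """Constructed test packets, keyed by a short description."""
    udp = struct.pack("!HHHH", 5000, 5001, 12, 0) + b"data"
    return {
        "whole UDP datagram": build_ipv4(IPPROTO_UDP, udp),
        "first UDP fragment": build_ipv4(IPPROTO_UDP, udp, mf=True),
        "last UDP fragment": build_ipv4(IPPROTO_UDP, b"tail", offset_units=185),
        "TCP fragment": build_ipv4(6, b"x" * 20, mf=True),
        "truncated IPv4": b"\x45\x00",
    }


if __name__ == "__main__":
    for name, pkt in samples().items():
        print(f"{name:20s} -> {acl_decision(pkt)}")
```

Such a rule also drops legitimate UDP traffic that exceeds the path MTU, so any application that relies on large UDP datagrams needs to be identified before the filter is enabled.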