Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Close
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
84863members
354353posts

Treck TCP/IP stack multiple vulnerabilities

EcoStruxure IT forum

A support forum for Data Center Operation, Data Center Expert, and EcoStruxure IT product users to share knowledge on installation, configuration, and general product use.

Solved
Angwenyi
Ensign
Ensign
0 Likes
1
779

Treck TCP/IP stack multiple vulnerabilities

Hi Team,

 

I hope you all keeping safe 🙂

 

We have a customer that we deployed DCE and DCO, they have a number of devices being monitored including UPS, PDU and NetBotz.

 

They sent us Treck TCP/IP stack multiple vulnerabilities to address on the mentioned devices being monitored, their solution to this issues is 'Confirm if you have applied the patches from the vendor for the Ripple20 vulnerabilities, Apply the relevant patches as they become available'.

 

Kindly anyone who has had to address this, please assist.

 

Thank you 

 

Regards

Felix

Tags (1)

Accepted Solutions
GavanOB
Schneider Alumni (Retired)
Schneider Alumni (Retired)
0 Likes
0
769

Hi Re: Treck TCP/IP stack multiple vulnerabilities

Hi Felix,

 

A new version of firmware for impacted devices will be released shortly, this will address the Ripple20 issues. The first devices to get the update will be the with the NMC2 for Smart-UPS, followed by the rPDUg2 range.

 

In terms of mitigation the advice is as always to follow best practice when securing your critical power infrastructure. We recommend separation of infrastructure assets from the main IT networks through the use of separate switches, VLANs or using the private network on the DCE server. Customers should be using up to date firewalls with intrusion prevention scanning all traffic between the IT and infrastructure networks where NMCs are located. Access to these networks should only be provided to trusted personal.

 

It might be a good idea to keep an eye on the following link for updates:

https://www.apc.com/ie/en/faqs/FA410359/

 

Also note that DCE, DCO and most Botz are not impacted with the 250 being the main exception. 

 

-Gavan

 

APC by Schneider Electric

See Answer In Context

Tags (1)
1 Reply 1
GavanOB
Schneider Alumni (Retired)
Schneider Alumni (Retired)
0 Likes
0
770

Hi Re: Treck TCP/IP stack multiple vulnerabilities

Hi Felix,

 

A new version of firmware for impacted devices will be released shortly, this will address the Ripple20 issues. The first devices to get the update will be the with the NMC2 for Smart-UPS, followed by the rPDUg2 range.

 

In terms of mitigation the advice is as always to follow best practice when securing your critical power infrastructure. We recommend separation of infrastructure assets from the main IT networks through the use of separate switches, VLANs or using the private network on the DCE server. Customers should be using up to date firewalls with intrusion prevention scanning all traffic between the IT and infrastructure networks where NMCs are located. Access to these networks should only be provided to trusted personal.

 

It might be a good idea to keep an eye on the following link for updates:

https://www.apc.com/ie/en/faqs/FA410359/

 

Also note that DCE, DCO and most Botz are not impacted with the 250 being the main exception. 

 

-Gavan

 

APC by Schneider Electric
Tags (1)