EcoStruxure IT forum
Schneider Electric support forum about installation and configuration for DCIM including EcoStruxure IT Expert, IT Advisor, Data Center Expert, and NetBotz
Posted: 2020-09-02 12:55 AM
Hi Team,
I hope you are all keeping safe 🙂
We have a customer for whom we deployed DCE and DCO; they have a number of devices being monitored, including UPS, PDU and NetBotz.
They sent us multiple Treck TCP/IP stack vulnerabilities to address on the mentioned devices being monitored; their solution to these issues is 'Confirm if you have applied the patches from the vendor for the Ripple20 vulnerabilities, Apply the relevant patches as they become available'.
Kindly, anyone who has had to address this, please assist.
Thank you
Regards
Felix
Posted: 2020-09-02 07:18 AM . Last Modified: 2020-09-02 07:20 AM
Hi Felix,
A new version of firmware for impacted devices will be released shortly; this will address the Ripple20 issues. The first devices to get the update will be those with the NMC2 for Smart-UPS, followed by the rPDUg2 range.
In terms of mitigation, the advice is, as always, to follow best practice when securing your critical power infrastructure. We recommend separation of infrastructure assets from the main IT networks through the use of separate switches, VLANs or using the private network on the DCE server. Customers should be using up-to-date firewalls with intrusion prevention scanning all traffic between the IT and infrastructure networks where NMCs are located. Access to these networks should only be provided to trusted personnel.
It might be a good idea to keep an eye on the following link for updates:
https://www.apc.com/ie/en/faqs/FA410359/
Also note that DCE, DCO and most Botz are not impacted, with the 250 being the main exception.
-Gavan
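One way to check the separation recommended in the reply above, as an added example that is not part of the original posts or any Schneider Electric tooling: it audits a device inventory and observed flow records against a dedicated infrastructure subnet. All names, addresses, subnets and flow records are constructed assumptions.

```python
import ipaddress

# Constructed sample data: every address, subnet and device name is an assumption.
INFRA_NETS = [ipaddress.ip_network("10.50.0.0/24")]      # dedicated VLAN / DCE private network
ALLOWED_SOURCES = {ipaddress.ip_address("10.50.0.10")}   # DCE server private interface

INVENTORY = [
    {"name": "ups-row1", "type": "Smart-UPS NMC2", "ip": "10.50.0.21"},
    {"name": "rpdu-a3", "type": "rPDU", "ip": "192.168.1.77"},      # sits on the IT LAN
    {"name": "netbotz-250", "type": "NetBotz 250", "ip": "10.50.0.30"},
]

# Constructed flow records (source, destination, destination port),
# e.g. exported from the firewall between the IT and infrastructure networks.
FLOWS = [
    ("10.50.0.10", "10.50.0.21", 161),        # DCE server polling a device
    ("192.168.1.45", "10.50.0.30", 80),       # IT workstation reaching a device directly
    ("192.168.1.45", "192.168.1.200", 443),   # unrelated IT traffic
]

def in_infra(ip):
    """True if the address belongs to one of the infrastructure networks."""
    return any(ipaddress.ip_address(ip) in net for net in INFRA_NETS)

def audit(inventory, flows):
    """Return findings for devices outside the infrastructure network and
    for flows that reach a monitored device from a non-approved source."""
    findings = []
    device_ips = {d["ip"]: d["name"] for d in inventory}
    for d in inventory:
        if not in_infra(d["ip"]):
            findings.append(("not-segmented", d["name"], d["ip"]))
    for src, dst, port in flows:
        if dst in device_ips and ipaddress.ip_address(src) not in ALLOWED_SOURCES:
            findings.append(("unexpected-source", device_ips[dst], f"{src}:{port}"))
    return findings

if __name__ == "__main__":
    for kind, device, detail in audit(INVENTORY, FLOWS):
        print(f"{kind:18} {device:12} {detail}")
```
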