Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Notifications
Login / Register
Community
Community
Notifications
close
  • Forums
  • Knowledge Center
  • Events & Webinars
  • Ideas
  • Blogs
Help
Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Login / Register
Sustainability
Sustainability

Join our "Ask Me About" community webinar on May 20th at 9 AM CET and 5 PM CET to explore cybersecurity and monitoring for Data Center and edge IT. Learn about market trends, cutting-edge technologies, and best practices from industry experts.
Register and secure your Critical IT infrastructure

Ripple20 vulnerabilities in the Treck TCP/IP stack

Gateway FAQ

Answers to common questions about the EcoStruxure IT Gateway

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • Home
  • Schneider Electric Community
  • EcoStruxure IT Help Center
  • EcoStruxure IT Help Center Categories
  • Gateway
  • Gateway FAQ
  • Ripple20 vulnerabilities in the Treck TCP/IP stack
Options
  • Subscribe to RSS Feed
  • Mark as New
  • Mark as Read
  • Bookmark
  • Subscribe
  • Email to a Friend
  • Printer Friendly Page
  • Report Inappropriate Content
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close

Related Forums

  • EcoStruxure IT forum

  • APC UPS Data Center & Enterprise Solutions Forum

Previous Next

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague Invite

EcoStruxure IT Support

Submit a support request for additional assistance with EcoStruxure IT software.

Request Support
Back to Gateway FAQ
Options
  • Subscribe to RSS Feed
  • Mark as New
  • Mark as Read
  • Bookmark
  • Subscribe
  • Email to a Friend
  • Printer Friendly Page
  • Report Inappropriate Content
1 Like
1730 Views

Link copied. Please paste this link to share this article on your social media post.

Trying to translate this page to your language?
Select your language from the translate dropdown in the upper right. arrow
Translate to: English
  • (Français) French
  • (Deutsche) German
  • (Italiano) Italian
  • (Português) Portuguese
  • (Русский) Russian
  • (Español) Spanish

Ripple20 vulnerabilities in the Treck TCP/IP stack

Picard EcoStruxureIT
‎2020-06-29 07:41 AM

Last Updated: Sisko JLehr Sisko ‎2023-09-29 02:53 PM

A number of vulnerabilities, collectively known as Ripple20, exist in Treck Inc.'s embedded TCP/IP stack and are used in Schneider Electric devices.

 

How is EcoStruxure IT Gateway software affected by Ripple20?

 

None of the Ripple20 vulnerabilities exist in the EcoStruxure IT Gateway software.

 

How is the EcoStruxure IT Gateway Appliance affected?

 

There are two Gateway Appliances, each on a different platform: the NUC and the Dell PowerEdge, Schneider Electric SKUs INNUC0119 and DLPE301118, respectively. 

Dell states that their servers are not affected.

 

SimplyNUC, the NUC's hardware vendor, confirms that the NUC is not affected.  

 

Mitigation

 

No specific mitigation for Ripple20 is necessary for the EcoStruxure IT Gateway software or the Gateway Appliances.

Do not disable DNS on the Gateway Appliance or the computer the Gateway is running on. 

 

DNS is required for communication with the cloud-based services.

 

Mitigation for the known affected devices is documented in these Schneider Electric notifications:

Security Notification - APC by Schneider Electric Network Management Cards

Treck TCP/IP Vulnerabilities (Ripple20)

Security Notification – Treck TCP/IP Vulnerabilities

 

How can EcoStruxure IT Expert help mitigate Ripple20?

 

  • Connect vulnerable devices to a private network and monitor using EcoStruxure IT Gateway. See EcoStruxure IT Gateway in a Secure Network Architecture

  • Use the Device Configuration feature in IT Expert to set DNS servers to 0.0.0.0 on all impacted NMCs and use static IP addresses for all servers the NMC will connect to.

  • Once new firmware is available for the affected NMCs, use the Firmware Update feature in IT Expert to easily push out the new firmware to affected devices.

 

See also

https://www.apc.com/secure-nmc

APC FAQ FA410359

 

Was this article helpful? Yes No
No ratings

Link copied. Please paste this link to share this article on your social media post.

Didn't find what you are looking for? Ask our Experts
To The Top!

Forums

  • APC UPS Data Center Backup Solutions
  • EcoStruxure IT
  • EcoStruxure Geo SCADA Expert
  • Metering & Power Quality
  • Schneider Electric Wiser

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started

  • Ask the Community
  • Community Guidelines
  • Community User Guide
  • How-To & Best Practice
  • Experts Leaderboard
  • Contact Support
Brand-Logo
Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Forum-Icon

Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.

Register today for FREE

Register Now

Already have an account? Login

Terms & Conditions Privacy Notice Change your Cookie Settings © 2025 Schneider Electric

This is a heading

With achievable small steps, users progress and continually feel satisfaction in task accomplishment.

Usetiful Onboarding Checklist remembers the progress of every user, allowing them to take bite-sized journeys and continue where they left.

of