Pilz Software Not Affected by Ripple20
July 21, 2020
On June 16th, 2020 the Computer Emergency Response Team (CERT) published 19 zero-day vulnerabilities within the TCP/IP software stack from the vendor Treck Inc., also known as Ripple20. This software stack is designed for embedded devices and used worldwide in hundreds of millions of devices in various industrial sectors like Energy, Critical Manufacturing, Information Technology, Healthcare and Public Health, Transportation Systems.
The Pilz PSIRT (Product Security Incidence Response Team) immediately conducted an internal investigation to assess the impact on their devices. They are happy to report NONE of their products is using the Treck Inc.’s TCP/IP stack.
If you need more information on this alert from ICS, please visit the Treck TCP/IP Stack Update.