PSIRT Advisory
Ripple20 - Critical Vulnerabilities in low-level TCP/IP software library developed by Treck
Summary
On June 16, 2020, cybersecurity researchers from JSOF published a set of 19 vulnerabilities, dubbed Ripple20 that are impacting the TCP/IP stack developed by Treck. A remote attacker can exploit some of these vulnerabilities to take control of an affected system.
Impact
Information disclosure, Execute unauthorized code or commands
Affected Products
Fortinet products do not use the low-level TCP/IP software library developed by Treck, Inc and are therefore not impacted by these vulnerabilities.