PSIRT Advisories

Ripple20 - Critical Vulnerabilities in low-level TCP/IP software library developed by Treck

Summary

On June 16, 2020, cybersecurity researchers from JSOF published a set of 19 vulnerabilities, dubbed Ripple20 that are impacting the TCP/IP stack developed by Treck. A remote attacker can exploit some of these vulnerabilities to take control of an affected system.

Affected Products

Fortinet products do not use the low-level TCP/IP software library developed by Treck, Inc and are therefore not impacted by these vulnerabilities.