A number of vulnerabilities, collectively known as Ripple20, exist in Treck Inc.'s embedded TCP/IP stack and are used in Schneider Electric devices.
How is EcoStruxure IT Gateway software affected by Ripple20?
None of the Ripple20 vulnerabilities exist in the EcoStruxure IT Gateway software.
How is the EcoStruxure IT Gateway Appliance affected?
There are two Gateway Appliances, each on a different platform: the NUC and the Dell PowerEdge, Schneider Electric SKUs INNUC0119 and DLPE301118, respectively.
Dell states that their servers are not affected.
SimplyNUC, the NUC's hardware vendor, confirms that the NUC is not affected.
Mitigation
No specific mitigation for Ripple20 is necessary for the EcoStruxure IT Gateway software or the Gateway Appliances.
Do not disable DNS on the Gateway Appliance or the computer the Gateway is running on.
DNS is required for communication with the cloud-based services.
Mitigation for the known affected devices is documented in these Schneider Electric notifications:
Security Notification - APC by Schneider Electric Network Management Cards
Security Notification – Treck TCP/IP Vulnerabilities
How can EcoStruxure IT Expert help mitigate Ripple20?
-
Connect vulnerable devices to a private network and monitor using EcoStruxure IT Gateway. See EcoStruxure IT Gateway in a Secure Network Architecture
-
Disable DNS using the Device Configuration feature in IT Expert. Configure an invalid DNS address to disable DNS, such as 0.0.0.0. With this configuration, IP addresses must be used instead of hostnames.
-
If hostnames are configured on the Network Management Card (NMC), use the Device Configuration feature in IT Expert to replace them with IP addresses.
-
Once new firmware is available for the affected NMCs, use the Firmware Update feature in IT Expert to easily push out the new firmware to affected devices.
Comments
0 comments
Please sign in to leave a comment.