Skip to main content

Report on Ripple20 threat to printer/MFPs

Research published by ExtraHop Security
- Ripple20 is a series of 19 security vulnerabilities found in devices that use software from Treck Inc. of Ohio
o Software is used to manage the TCP/IP stack in the devices
o (Many manufacturers of printers and MFPs outsource their print controller code to various software companies as they can not create internally)

- Vulnerabilities were originally discovered in June of 2020
o Could allow hacker to inject malicious code into customers network (such as
ransomware)

- Exposed Ripple20 devices exist in at least 35% of environments based on survey by ExtaHop
o According to JSOF Security, almost every US business is affected
- Treck has issued patches, but due to age and nature of the devices, the “patches may be difficult or impossible to install”
- Report states that some HP and Ricoh models are impacted, among other
manufacturers

If you like something I've posted please feel free to click the "like" button!

Original Post

Add Reply

Post
×
×
×
×
Link copied to your clipboard.
×
×