On June 16th, 2020 the Computer Emergency Response Team (CERT) published 19 zero-day vulnerabilities within the TCP/IP software stack from the vendor Treck Inc., also known as Ripple20. This software stack is designed for embedded devices and used worldwide in hundreds of millions of devices in various industrial sectors like Energy, Critical Manufacturing, Information Technology, Healthcare and Public Health, Transportation Systems.
The Pilz PSIRT (Product Security Incidence Response Team) immediately conducted an internal investigation to assess the impact on our devices.
We are happy to report NONE of our products is using the Treck Inc.’s TCP/IP stack.
If you need more information on this alert from ICS, please visit the Treck TCP/IP Stack Update,