Rumble for the Ripple20

|
Updated

The Ripple20 vulnerabilities identified by JSOF impact millions of devices running the Treck operating system, many of which have not and will not receive updates. Finding exposed devices can be tricky since many of the device types (battery backups, printers, etc) are often excluded from normal vulnerability scans, sometimes automatically. Fortunately, Rumble's scan engine is safe to use with embedded devices of all types and already collects enough information to identify many affected systems.

To support this effort, we have added two new entries to the Query Library:

Treck OS Devices

These queries use the IP TTL differences between the ICMP and TCP replies as well as a specific HTTP server banner to find Treck OS devices.

Please note that the IP TTL query may include false positives as quite a few firewalls along with a handful of non-Treck devices exhibit the same behavior.

Happy Scanning!

-HD

If you haven't had a chance to try runZero before, or would like to play with the new features, sign up for a free trial and let us know what you think!

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.
runZero Insights
How runZero finds unmanaged devices on your network
How do you find unmanaged devices on your network when they aren't accounted for? Learn how you can use runZero to find unmanaged devices on your...
runZero Research
RDP security: The impact of secure defaults and legacy protocols
Explore the evolution of the Remote Desktop Protocol to become secure by default and learn how to audit your environment for risky RDP configurations.
Industry
Active scanning industrial control systems safely
Do you still believe active scanning in OT environments isn't safe? We all know passive scanning is difficult to deploy, misses assets, and is...

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved