Cyber-security experts have revealed today 19 vulnerabilities in a small library designed in the 90s that has been widely used and integrated into countless of enterprise and consumer-grade products over the last 20+ years. From a report: Affected products include smart home devices, power grid equipment, healthcare systems, industrial gear, transportation systems, printers, routers, mobile/satellite communications equipment, data center devices, commercial aircraft devices, various enterprise solutions, and many others. Experts now fear that all products using this library will most likely remain unpatched due to complex or untracked software supply chains. Problems arise from the fact that the library was not only used by equipment vendors directly but also integrated into other software suites, which means that many companies aren’t even aware that they’re using this particular piece of code, and the name of the vulnerable library doesn’t appear in their code manifests.
Read more of this story at Slashdot.
Source:
https://it.slashdot.org/story/20/06/16/179230/ripple20-vulnerabilities-will-haunt-the-iot-landscape-for-years-to-come?utm_source=rss1.0mainlinkanon&utm_medium=feed