This one is pretty wild. Ripple20 is a set of 19 zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. It gets its name because its position in the supply chain allowed the library with its vulnerabilities to ripple outward through hundreds of software and hardware vendors, and from there into hundreds of millions (maybe more) of devices. Printers, UPSs, infusion pumps, industrial control devices, ... any kind of thing in the Internet of Things that has a network connection.

It's been rippling outward since 1997.

It's important to note that it's not in Linux, Windows, iOS, or Android. So it's probably not in your phone or your computer. It might well be in your router, printer, WiFi-connected light switches, TV, or internet-connected refrigerator. And devices containing Wind River's VxWorks aren't affected by Ripple20 -- those were hit by the URGENT/11 zero-day vulnerabilities from last year.

And there seem to be only somewhere between 10,000 and 100,000 devices that are actually connected to the internet. Chicken feed.

The vulnerabilities have, of course, been patched by Treck, and the fixes sent to their customers. And from there to their customers. And so on. But how many people check for software updates for their printer? (I do.) Is it even possible to install a software patch on a light switch? Is the company that made it still in business? You see the problem.

There are ways you can set up a firewall to block these. If your router manufacturer (or open-source OS project) sends you an update, install it.

Resources