Interpeak IPnet TCP/IP Stack (Update D) (ICSA-19-274-01) – Products Used in the Water and Wastewater Sector

May 12, 2020

CISA has updated this advisory with additional details on mitigation measures. Read the advisory at CISA.

February 18, 2020

CISA has updated this advisory with additional details on mitigation measures. Read the advisory at CISA.

December 10, 2019

CISA has updated this advisory with additional details on mitigation measures. Read the advisory at CISA.

October 10, 2019

CISA has updated this advisory with additional information on mitigation measures. Read the update at CISA.

October 1, 2019

CISA has published an advisory on stack-based buffer overflow, heap-based buffer overflow, integer underflow, improper restriction of operations within the bounds of a memory buffer, race condition, argument injection, and null pointer dereference vulnerabilities in Interpeak IPnet TCP/IP Stack products. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow remote code execution. The vendors of the affected products have provided recommendations for mitigating these vulnerabilities, as has CISA. Read the advisory at CISA.