Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
80625members
346580posts

Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

Solved
QaveUPS_apc
Crewman
Crewman
0 Likes
5
373

Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

This was originally posted on APC forums on 7/29/2020


Hello, Treck TCP/IP stack multiple vulnerabilities. (Ripple20) issue was raised on the following UPS Management cards, AP9537SUM, AP9618 and OM-9631SY. What are the latest versions of Application Module, APAC OS, and Boot monitor that can be applied and will it Fix  the vulnerability?

Thanks


Accepted Solutions
BillP
Administrator Administrator
Administrator
0 Likes
0
373

Re: Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

This reply was originally posted by Bill on APC forums on 8/26/2020


Hi,

FAQ FA410359 has been updated. Unfortunately, we had to remove reference's to the 6.9.2 firmware. When a new version of the firmware has been released I will update this thread.

Bill

See Answer In Context

5 Replies 5
BillP
Administrator Administrator
Administrator
0 Likes
0
372

Re: Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

This reply was originally posted by Bill on APC forums on 7/29/2020


Hello,

Please see Schneider Electric security notification at this link

https://www.se.com/ww/en/download/document/SEVD-2020-174-01/

BillP
Administrator Administrator
Administrator
0 Likes
0
373

Re: Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

This reply was originally posted by Bill on APC forums on 8/3/2020


Hi,

We are releasing updated firmware to address this issue. Please see FAQ FA410359. The FAQ includes links to updated firmware based on SKU. 

exonix_apc
Crewman
Crewman
0 Likes
0
372

Re: Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

This was originally posted on APC forums on 8/21/2020


Hi Bill,

your second link doesn't work anymore.

Where can I download an update for AP9619? Thank you in advance!

Brad_C_apc
Commander
Commander
0 Likes
0
372

Re: Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

This was originally posted on APC forums on 8/23/2020


On 21/8/2020 9:22 PM, Aleks said:

your second link doesn't work anymore.

It's still in the google cache (https://webcache.googleusercontent.com/search?q=cache:70mYIkJ2UloJ:https://www.apc.com/us/en/faqs/FA410359/). Unfortunately it lists anything for NMC1 or 2 as "Currently Unavailable".

I expect if it's going to happen, it'll take some time to build and validate upgrades for the AOS 3 stuff.

Be nice to get some info and/or ETAs, but at least the problem has been acknowledged.

BillP
Administrator Administrator
Administrator
0 Likes
0
374

Re: Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

This reply was originally posted by Bill on APC forums on 8/26/2020


Hi,

FAQ FA410359 has been updated. Unfortunately, we had to remove reference's to the 6.9.2 firmware. When a new version of the firmware has been released I will update this thread.

Bill