False Vulnerability Flagging of Room Alert Monitors

We were recently made aware that a series of vulnerabilities, Ripple20, were discovered in a low-level TCP/IP software library developed by Treck, Inc. This is widely-used in embedded and IoT devices. Consequently, some Room Alert users have reported their Room Alert “E” models being flagged by their security software as potentially vulnerable to Ripple20. However, the Treck TCP/IP software library is not used in Room Alert’s proprietary firmware, and therefore, means that no Room Alert monitors are vulnerable to Ripple20.

The false positives for Ripple20 appear for Room Alert “E” models that have the Telnet menu enabled (TCP port 9999) but no password set. If you prefer to not set a password, you may instead disable your device’s Telnet menu. For instructions, check out this FAQ. If you prefer to not set a password, check out this FAQ.

Our Room Alert PRO monitors, including the Room Alert 32S and Room Alert 12S, are not impacted and include some of the highest levels of security and encryption available.

We commend our customers for continuing to focus on products that can be trusted on some of the most secure networks in the world. We’re proud that our Room Alert monitors remain safe from any known exploits or vulnerabilities. Click to read more about DDoS Malware, IoT Device Security and AVTECH and Room Alert Security.

Contact Us

We hope this information clarifies any questions or concerns you may have had. If you would like additional information, please contact us today through email at Sales@AVTECH.com, through our online Live Chat service, or via phone 401.628.1600.