Contact us

Download

Download Manuals, Datasheets, Software and more:

DOWNLOAD TYPE
MODEL or KEYWORD

Feedback

Ripple20 Security Notice

Tektronix is aware of a set of 19 security vulnerabilities collectively known as “Ripple20” in a third-party TCP/IP stack.  Tektronix has identified these vulnerabilities in the Tektronix and Keithley products listed below.

Tektronix-branded products

These vulnerabilities have been identified in certain versions of Intel's Active Management Technology (“AMT”) that are present on Tektronix’s 5 Series, 5 Series Low Profile, 5000 scope, 6 Series, and 6 Series Low Profile products.  Because Tektronix disables the AMT feature on these products, they are not vulnerable as provided by Tektronix. Tektronix does not have any reason to believe that any of its products have been exploited, but please be aware that if you choose to enable Intel AMT on these products you will risk exposing these vulnerabilities.

Keithley-branded products

Tektronix has identified these vulnerabilities in older versions of firmware on the Keithley-branded products listed below.  These vulnerabilities were patched in firmware revision 1.7.5. Tektronix recommends upgrading your firmware to at least revision 1.7.5 using the links below.

Product Firmware Link
2450 Model 2450 Firmware Revision 1.7.5 and Release Notes
2460 Model 2460 Firmware Revision 1.7.5 and Release Notes
2461 Model 2461 Firmware Revision 1.7.5 and Release Notes
2461-SYS Model 2461-SYS Firmware Revision 1.7.5 and Release Notes
2470 Model 2470 Firmware Revision 1.7.5 and Release Notes
DAQ6510 Model DAQ6510 Firmware Revision 1.7.5 and Release Notes
DMM6500 Model DMM6500 Firmware Revision 1.7.5 and Release Notes
DMM7510 Model DMM7510 Firmware Revision 1.7.5 and Release Notes
DMM7512 Model DMM7512 Firmware Revision 1.7.5 and Release Notes

You should always follow your company’s security practices.  In addition, these general practices may also enhance security for Tektronix’s products:

  • Only operate Tektronix products in protected or secure networks, limiting remote access. 
  • When remote access to Tektronix products is required, use only secure remote access methods (for example, your organization’s VPN or other secure method)
    • In accordance with your organization’s security policy and/or industry best practices and recognizing that VPNs may also have vulnerabilities and should be updated to the most current version available.
  • Whenever possible, segment or isolate Tektronix products from your business network.
  • Take additional mitigation steps outlined in CERT vulnerability notice #257161 as appropriate.