Security flaws reside in the low-level TCP/IP software library developed by Treck Inc. Affected vendors range from one-person boutique shops to Fortune 500 multinational corporations. Four of the 19 vulnerabilities were flagged as critical, with CVSS scores over 9. If exploited, these critical flaws could allow malicious actors to execute remote arbitrary code, with potentially devastating effects. If a patch is available, the first step is to update to the latest version for all devices. Organizations using a vulnerable Treck stack should perform a risk assessment and, in lieu of a vulnerability fix, should minimize network exposure.”]