Ripple20 vulnerabilities

@posborne, is it effecting the SmartThings hubs?

No, we don’t use the Treck stack. Our V2/V3 are based on the Linux 4.9 LTS stable kernel and we use the kernel network stack and update our kernel to track backported bugfixes and security patches into our kernel on a regular basis, monitoring CVEs as they are disclosed against any software we use to the best of our ability. I wouldn’t dare to promise that there are no vulnerabilities that exist in our product (this would be foolish to claim), but we do take it seriously and do our best to remain vigilant and able to react to threats as they arise.

Here’s additional information on our responsible disclosure process: