Tofino Xenon Security Appliance Firmware

tofino_xenon_security_appliance_firmware

Vendor: Belden • 9 CVEs

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-30066 2Belden Schneider Electric 13Eagle 20 Tofino 943 987 501 Tx/tx Firmware Eagle 20 Tofino 943 987 502 Tx/mm FirmwareEagle 20 Tofino 943 987 504 Mm/tx Firmware+10 more Nov 21, 2024 Apr 3, 2022 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verificatio...Show more On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed. NOTE: this issue exists because of an incomplete fix of CVE-2017-11400.Show less
CVE-2021-30065 2Belden Schneider Electric 13Eagle 20 Tofino 943 987 501 Tx/tx Firmware Eagle 20 Tofino 943 987 502 Tx/mm FirmwareEagle 20 Tofino 943 987 504 Mm/tx Firmware+10 more Nov 21, 2024 Apr 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists b...Show more On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists because of an incomplete fix of CVE-2017-11401.Show less
CVE-2021-30064 2Belden Schneider Electric 13Eagle 20 Tofino 943 987 501 Tx/tx Firmware Eagle 20 Tofino 943 987 502 Tx/mm FirmwareEagle 20 Tofino 943 987 504 Mm/tx Firmware+10 more Nov 21, 2024 Apr 3, 2022 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in...Show more On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).Show less
CVE-2021-30063 2Belden Schneider Electric 11Eagle 20 Tofino 943 987 501 Tx/tx Firmware Eagle 20 Tofino 943 987 502 Tx/mm FirmwareEagle 20 Tofino 943 987 504 Mm/tx Firmware+8 more Nov 21, 2024 Apr 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can cause an OPC enforcer denial of service.
CVE-2021-30062 2Belden Schneider Electric 11Eagle 20 Tofino 943 987 501 Tx/tx Firmware Eagle 20 Tofino 943 987 502 Tx/mm FirmwareEagle 20 Tofino 943 987 504 Mm/tx Firmware+8 more Nov 21, 2024 Apr 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can bypass the OPC enforcer.
CVE-2021-30061 2Belden Schneider Electric 13Eagle 20 Tofino 943 987 501 Tx/tx Firmware Eagle 20 Tofino 943 987 502 Tx/mm FirmwareEagle 20 Tofino 943 987 504 Mm/tx Firmware+10 more Nov 21, 2024 Apr 3, 2022 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stic...Show more On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick.Show less
CVE-2017-11402 1Belden 1Tofino Xenon Security Appliance Firmware May 13, 2026 Nov 20, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewa...Show more An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology is a crafted OPC dynamic port shift.Show less
CVE-2017-11401 1Belden 1Tofino Xenon Security Appliance Firmware May 13, 2026 Nov 20, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malfo...Show more An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering.Show less
CVE-2017-11400 1Belden 1Tofino Xenon Security Appliance Firmware May 13, 2026 Nov 20, 2017 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. An incomplete firmware signature allows a local attacker to upgrade the equipment (kernel, file system) with unsigned,...Show more An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. An incomplete firmware signature allows a local attacker to upgrade the equipment (kernel, file system) with unsigned, attacker-controlled, data. This occurs because the appliance_config file is signed but the .tar.sec file is unsigned.Show less