Vulnerabilities (CVE)

Filtered by vendor Belden Subscribe

Filtered by product Tofino Xenon Security Appliance Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-11401	1 Belden	2 Tofino Xenon Security Appliance, Tofino Xenon Security Appliance Firmware	2019-10-03	7.5 HIGH	9.8 CRITICAL
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering.
CVE-2017-11402	1 Belden	2 Tofino Xenon Security Appliance, Tofino Xenon Security Appliance Firmware	2019-10-03	10.0 HIGH	9.8 CRITICAL
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology is a crafted OPC dynamic port shift.