Vulnerabilities > Belden > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-03 CVE-2021-30066 Improper Verification of Cryptographic Signature vulnerability in multiple products
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed.
6.8
2022-04-03 CVE-2021-30061 On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick.
low complexity
belden schneider-electric
6.8
2021-02-11 CVE-2020-9307 Infinite Loop vulnerability in Belden Hirschmann Hios 07.0.04/08.0.00
Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service.
low complexity
belden CWE-835
6.5
2019-08-09 CVE-2019-12265 Memory Leak vulnerability in multiple products
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component.
network
low complexity
windriver sonicwall siemens netapp belden CWE-401
5.3
2018-03-06 CVE-2018-5471 Cleartext Transmission of Sensitive Information vulnerability in Belden products
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches.
network
high complexity
belden CWE-319
5.9
2018-03-06 CVE-2018-5467 Information Exposure vulnerability in Belden products
An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches.
network
low complexity
belden CWE-200
6.5
2018-03-06 CVE-2018-5461 Inadequate Encryption Strength vulnerability in Belden products
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches.
network
high complexity
belden CWE-326
6.5
2017-11-20 CVE-2017-11400 Improper Verification of Cryptographic Signature vulnerability in Belden Tofino Xenon Security Appliance Firmware 3.1.0
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00.
low complexity
belden CWE-347
6.8
2016-02-18 CVE-2016-2509 Information Exposure vulnerability in Belden Hirschmann Firmware and Hirschmann L2B
The password-sync feature on Belden Hirschmann Classic Platform switches L2B before 05.3.07 and L2E, L2P, L3E, and L3P before 09.0.06 sets an SNMP community to the same string as the administrator password, which allows remote attackers to obtain sensitive information by sniffing the network.
high complexity
belden CWE-200
5.3