Vulnerabilities > Belden > Tofino Xenon Security Appliance Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-04-03 CVE-2021-30066 Improper Verification of Cryptographic Signature vulnerability in multiple products
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed.
local
low complexity
belden schneider-electric CWE-347
7.2
2022-04-03 CVE-2021-30061 On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick.
local
low complexity
belden schneider-electric
7.2
2022-04-03 CVE-2021-30062 On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can bypass the OPC enforcer.
network
low complexity
belden schneider-electric
5.0
2022-04-03 CVE-2021-30063 On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can cause an OPC enforcer denial of service.
network
low complexity
belden schneider-electric
5.0
2022-04-03 CVE-2021-30064 Use of Hard-coded Credentials vulnerability in multiple products
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).
6.8
2022-04-03 CVE-2021-30065 On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer.
network
low complexity
belden schneider-electric
5.0
2017-11-20 CVE-2017-11402 Improper Input Validation vulnerability in Belden Tofino Xenon Security Appliance Firmware
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00.
network
low complexity
belden CWE-20
critical
10.0
2017-11-20 CVE-2017-11401 Unspecified vulnerability in Belden Tofino Xenon Security Appliance Firmware
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00.
network
low complexity
belden
7.5
2017-11-20 CVE-2017-11400 Improper Verification of Cryptographic Signature vulnerability in Belden Tofino Xenon Security Appliance Firmware
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00.
local
low complexity
belden CWE-347
7.2