Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-11401

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering.

Published

2017-11-20T15:29:00.260

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	belden	tofino_xenon_security_appliance_firmware	≤ 3.1.0	Yes
Hardware	belden	tofino_xenon_security_appliance	-	No

References

https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt Third Party Advisory ([email protected])
https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf Vendor Advisory ([email protected])
https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)