Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-11402

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology is a crafted OPC dynamic port shift.

Published

2017-11-20T15:29:00.340

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	belden	tofino_xenon_security_appliance_firmware	≤ 3.1.0	Yes
Hardware	belden	tofino_xenon_security_appliance	-	No

References

https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt Third Party Advisory ([email protected])
https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf Vendor Advisory ([email protected])
https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)