15 matches found
CVE-2021-30066
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification for a USB stick can be bypassed. NOTE: this issue exists because of an...
CVE-2021-30064
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials if the device is in the uncommissioned state...
CVE-2021-30065
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists because of an incomplete fix of CVE-2017-11401...
CVE-2021-30061
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick...
Code injection
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists because of an incomplete fix of CVE-2017-11401...
Hardcoded credentials
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials if the device is in the uncommissioned state...
Code injection
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick...
CVE-2021-30066
The CVE-2021-30066 entry applies to Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 (before 03.23) and Belden Tofino Xenon Security Appliance. A firmware-signature verification bypass for USB allows loading an arbitrary firmware image, enabling kernel/firmware upgrades with unsigned p...
CVE-2021-30065
CVE-2021-30065 affects Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 prior to 03.23 and TCSEFEA23F3F20/21, plus Belden Tofino Xenon Security Appliance. Root cause is an incomplete fix of CVE-2017-11401, enabling crafted ModBus packets to bypass the ModBus enforcer. Impact: bypass of...
CVE-2021-30064
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials if the device is in the uncommissioned state...
CVE-2021-30064
The CVE affects Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 (before 03.23) and TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance. The root cause is hardcoded default credentials allowing SSH login, applicable when the device is in the uncommissioned/not-enabled state. ...
CVE-2021-30061
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick...
Schneider Electric ConneXium Tofino Firewall和Schneider Electric Belden Tofino Xenon Security Appliance 信任管理问题漏洞
Schneider Electric ConneXium Tofino Firewall and Schneider Electric Belden Tofino Xenon Security Appliance are both products of Schneider Electric, a French company. The Schneider Electric ConneXium Tofino Firewall is a firewall appliance and the Schneider Electric Belden Tofino Xenon Security...
Schneider Electric ConneXium Network Manager Software 数据伪造问题漏洞
Schneider Electric ConneXium Network Manager Software Schneider Electric Cnm is an industrial Ethernet network management software from Schneider Electric, France. A security vulnerability exists in the Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22/21/20 prior to version 03.23 and t...
Schneider Electric ConneXium Tofino Firewall 安全漏洞
Schneider Electric ConneXium Tofino Firewall is a firewall appliance from Schneider Electric France. A security vulnerability exists in the Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 prior to version 03.23 , TCSEFEA23F3F20/21 and Belden Tofino Xenon Security Appliance, which...