Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
169 lines (111 sloc) 3.19 KB
CVE-2017-11400
==============
Description:
------------
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance 3.10 and earlier.
An incomplete firmware signature allows a local attacker to upgrade the equipment (kernel, file system)
with unsigned, attacker controlled, data.
Vulnerability type:
-------------------
Incomplete firmware signature
Vendor of Product:
------------------
Belden Hirschmann
Affected Product Code Base:
---------------------------
Tofino Xenon Security Appliance - 3.10 and earlier
Affected Component:
-------------------
USB firmware
Attack Type:
------------
Local
Impact Code execution:
----------------------
Yes
Attack Vectors:
---------------
Attacker has physical access to the device and ability
tu plug USB device into it
Reference:
----------
https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf
https://www.belden.com/support/security-assurance
Discoverer:
-----------
Julien Lenoir of Airbus
CVE-2017-11401
==============
Description:
------------
An issue has been discovered on the Belden Hirschmann Tofino Xenon
Security Appliance 3.10 and earlier. Improper handling of the
mbap.length field of ModBus packets in the ModBus DPI filter allows an
attacker to send malformed/crafted packets to a protected asset, bypassing
function code filtering.
Vulnerability type:
-------------------
DPI ModBus filter bypass
Vendor of Product:
------------------
Belden Hirschmann
Affected Product Code Base:
---------------------------
Tofino Xenon Security Appliance
Firmware 3.10 and prior
Affected Component:
-------------------
Modbus enforcer DPI filter
Attack Type:
------------
Remote
CVE Impact:
-----------
Bypass DPI filter on industrial firewall
Attack Vectors:
---------------
To exploit the vulnerability, attacker is able to send UDP or TCP
packets to a protected asset, on a LAN.
Reference:
----------
https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf
https://www.belden.com/support/security-assurance
Discoverer:
-----------
Julien Lenoir of Airbus
CVE-2017-11402
==============
Description:
------------
An issue has been discovered on the Belden Hirschmann Tofino Xenon
Security Appliance 3.10 and earlier. Design flaws in OPC classic and
in custom netfilter modules allow an attacker to remotely activate
rules on the firewall and to connect to any TCP port of a protected
asset, thus bypassing the firewall.
Vulnerability type:
-------------------
Firewall bypass
Vendor of Product:
------------------
Belden Hirschmann
Affected Product Code Base:
---------------------------
Tofino Xenon Security Appliance
Firmware 3.10 and prior
Affected Component:
-------------------
Netfilter custom filter combined with OPC Classic DPI filter
Attack Type:
------------
Remote
Attack Vectors:
---------------
To exploit the vulnerability, someone must connect to a protected
asset over OPC Classic port
Reference:
----------
https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf
https://www.belden.com/support/security-assurance
Discoverer:
-----------
Julien Lenoir of Airbus
You can’t perform that action at this time.