Tofino Xenon Security Appliance Firmware
CVE-2017-11401
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering.
AnalysisAI
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering. Affected products include: Belden Tofino Xenon Security Appliance Firmware. Version information: before 03.2.00..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Rated critical sev
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Rated medium sever
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today