CVE-2021-30066
- EPSS 0%
- Published 03.04.2022 23:15:07
- Last modified 21.11.2024 06:03:17
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be byp...
CVE-2021-30061
- EPSS 0.01%
- Published 03.04.2022 22:15:14
- Last modified 21.11.2024 06:03:16
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick.
CVE-2021-30062
- EPSS 0.04%
- Published 03.04.2022 22:15:14
- Last modified 21.11.2024 06:03:16
On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can bypass the OPC enforcer.
CVE-2021-30063
- EPSS 0.07%
- Published 03.04.2022 22:15:14
- Last modified 21.11.2024 06:03:17
On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can cause an OPC enforcer denial of service.
CVE-2021-30064
- EPSS 0.06%
- Published 03.04.2022 22:15:14
- Last modified 21.11.2024 06:03:17
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).
CVE-2021-30065
- EPSS 0.03%
- Published 03.04.2022 22:15:14
- Last modified 21.11.2024 06:03:17
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists because of an incomplete fix of...