IM
IronMonkey Threat Research

CVE-2017-11402 CRITICAL

Published: 2017-11-20 | Last Modified: 2026-06-17 | Status: Modified

Description

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology is a crafted OPC dynamic port shift.

Additional Descriptions (1)

Se ha descubierto un problema en las versiones anteriores a la 03.2.00 de Belden Hirschmann Tofino Xenon Security Appliance. Los fallos de diseño en módulos OPC classic y netfilter personalizados permiten que un atacante active remotamente las reglas en el firewall y se conecte a cualquier puerto TCP de un activo protegido, eludiendo el firewall. La metodología de ataque es un cambio de puertos OPC dinámicos.

CVSS Metrics

Base Score: 10.0 (HIGH)

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 10.0

Weaknesses

Source Type Description
[email protected] Primary
en CWE-20

Affected Products

Vendor Product Version Update Type
belden tofino_xenon_security_appliance_firmware * <built-in method update of dict object at 0x72a9cc556f40> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:belden:tofino_xenon_security_appliance_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:belden:tofino_xenon_security_appliance:-:*:*:*:*:*:*:*

References

Notification
Message here