CVE-2017-11401
Summary
| CVE | CVE-2017-11401 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-11-20 15:29:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Belden | Tofino Xenon Security Appliance | - | All | All | All |
| Hardware | Belden | Tofino Xenon Security Appliance | - | All | All | All |
| Operating System | Belden | Tofino Xenon Security Appliance Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSE... | MISC | www.belden.com | Vendor Advisory |
| security-advisories/tofino.txt at master · airbus-seclab/security-advisories · GitHub | MISC | github.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.