CVE-2021-30062

EUVD-2021-17006
On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can bypass the OPC enforcer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
beldentofino_xenon_security_appliance_firmware
𝑥
< 03.2.03
beldentofino_argon_fa-tsa-220-tx\/mm_firmware
-
beldentofino_argon_fa-tsa-220-tx\/tx_firmware
-
beldentofino_argon_fa-tsa-220-mm\/tx_firmware
-
beldentofino_argon_fa-tsa-220-mm\/mm_firmware
-
beldentofino_argon_fa-tsa-100-tx\/tx_firmware
-
beldeneagle_20_tofino_943_987-505-mm\/mm_firmware
-
beldeneagle_20_tofino_943_987-504-mm\/tx_firmware
-
beldeneagle_20_tofino_943_987-502_-tx\/mm_firmware
-
beldeneagle_20_tofino_943_987-501-tx\/tx_firmware
-
schneider-electrictcsefm0000_firmware
𝑥
< 03.23
𝑥
= Vulnerable software versions
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-05
https://www.belden.com/support/security-assurance
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-05
https://www.belden.com/support/security-assurance