cvedb.io
CVE-2017-11402
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-11-20T15:29:00.340 · Last modified 2026-06-17T01:01:44.990

Summary

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology is a crafted OPC dynamic port shift.

Affected products

belden — tofino_xenon_security_appliance_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when belden ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.