An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering.
References
Link | Resource |
---|---|
https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt | Third Party Advisory |
https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-11-20T15:00:00
Updated: 2017-11-20T14:57:01
Reserved: 2017-07-17T00:00:00
Link: CVE-2017-11401
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-11-20T15:29:00.260
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-11401
JSON object: View
Redhat Information
No data.
CWE