On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed. NOTE: this issue exists because of an incomplete fix of CVE-2017-11400.
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-05 | Vendor Advisory |
https://www.belden.com/support/security-assurance | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-03T22:01:59
Updated: 2022-04-03T22:01:59
Reserved: 2021-04-02T00:00:00
Link: CVE-2021-30066
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-03T23:15:07.860
Modified: 2022-04-09T00:46:53.933
Link: CVE-2021-30066
JSON object: View
Redhat Information
No data.
CWE