Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2021-30066
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed. NOTE: this issue exists because of an incomplete fix of CVE-2017-11400..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 7.2/10
- Exploit Score
- 3.9/10
- Access Vector
- Local
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 10/10
- Confidentiality Impact
- Complete
- Availability Impact
- Complete
- Integrity Impact
- Complete
CVSSv3.1 Score
- Severity
- Medium
- Base Score
- 6.8/10
- Exploit Score
- 0.9/10
- Access Vector
- Physical
- Access Complexity
- Low
- Privileges Required
- None
- Impact Score
- 5.9/10
- Confidentiality Impact
- High
- Availability Impact
- High
- Integrity Impact
- High
- Scope
- Unchanged
- User Interaction
- None
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:o:belden:tofino_xenon_security_appliance_firmware:*: |
Yes
|
- | 03.2.03 | |
| cpe:2.3:h:belden:tofino_xenon_security_appliance:-:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:belden:tofino_argon_fa-tsa-220-tx\/mm_firmware:-:* |
Yes
|
- | ||
| cpe:2.3:h:belden:tofino_argon_fa-tsa-220-tx\/mm:-:*:*:*:*:*: |
No
|
- | ||
| cpe:2.3:o:belden:tofino_argon_fa-tsa-220-tx\/tx_firmware:-:* |
Yes
|
- | ||
| cpe:2.3:h:belden:tofino_argon_fa-tsa-220-tx\/tx:-:*:*:*:*:*: |
No
|
- | ||
| cpe:2.3:o:belden:tofino_argon_fa-tsa-220-mm\/tx_firmware:-:* |
Yes
|
- | ||
| cpe:2.3:h:belden:tofino_argon_fa-tsa-220-mm\/tx:-:*:*:*:*:*: |
No
|
- | ||
| cpe:2.3:o:belden:tofino_argon_fa-tsa-220-mm\/mm_firmware:-:* |
Yes
|
- | ||
| cpe:2.3:h:belden:tofino_argon_fa-tsa-220-mm\/mm:-:*:*:*:*:*: |
No
|
- | ||
| cpe:2.3:o:belden:tofino_argon_fa-tsa-100-tx\/tx_firmware:-:* |
Yes
|
- | ||
| cpe:2.3:h:belden:tofino_argon_fa-tsa-100-tx\/tx:-:*:*:*:*:*: |
No
|
- | ||
| cpe:2.3:o:belden:eagle_20_tofino_943_987-505-mm\/mm_firmware |
Yes
|
- | ||
| cpe:2.3:h:belden:eagle_20_tofino_943_987-505-mm\/mm:-:*:*:*: |
No
|
- | ||
| cpe:2.3:o:belden:eagle_20_tofino_943_987-504-mm\/tx_firmware |
Yes
|
- | ||
| cpe:2.3:h:belden:eagle_20_tofino_943_987-504-mm\/tx:-:*:*:*: |
No
|
- | ||
| cpe:2.3:o:belden:eagle_20_tofino_943_987-502_-tx\/mm_firmwar |
Yes
|
- | ||
| cpe:2.3:h:belden:eagle_20_tofino_943_987-502_-tx\/mm:-:*:*:* |
No
|
- | ||
| cpe:2.3:o:belden:eagle_20_tofino_943_987-501-tx\/tx_firmware |
Yes
|
- | ||
| cpe:2.3:h:belden:eagle_20_tofino_943_987-501-tx\/tx:-:*:*:*: |
No
|
- | ||
| cpe:2.3:o:schneider-electric:tcsefea23f3f20_firmware:-:*:*:* |
Yes
|
- | ||
| cpe:2.3:h:schneider-electric:tcsefea23f3f20:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:schneider-electric:tcsefea23f3f21_firmware:-:*:*:* |
Yes
|
- | ||
| cpe:2.3:h:schneider-electric:tcsefea23f3f21:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:schneider-electric:tcsefea23f3f22_firmware:*:*:*:* |
Yes
|
- | 03.23 | |
| cpe:2.3:h:schneider-electric:tcsefea23f3f22:-:*:*:*:*:*:*:* |
No
|
- |