Julien Lenoir

2 exploits Active since Nov 2017
CVE-2017-11401 WRITEUP CRITICAL WRITEUP
Belden Hirschmann Tofino Xenon Security Appliance <03.2.00 - ModBus DPI Filter Bypass
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering.
CVSS 9.8
CVE-2017-11402 WRITEUP CRITICAL WRITEUP
Belden Tofino Xenon Security Applianc... - Improper Input Validation
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology is a crafted OPC dynamic port shift.
CVSS 9.8