Julien Lenoir of Airbus

1 exploit Active since Nov 2017
CVE-2017-11400 WRITEUP MEDIUM WRITEUP
Belden Tofino Xenon Security Appliance Firmware < 3.1.0 - Improper Verification of Cryptographic Signature
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. An incomplete firmware signature allows a local attacker to upgrade the equipment (kernel, file system) with unsigned, attacker-controlled, data. This occurs because the appliance_config file is signed but the .tar.sec file is unsigned.
CVSS 6.8