Skip to main content
Security Advisory

Schneider Electric ConneXium Tofino Firewall Vulnerabilities

Affects ConneXium Tofino Firewall (TCSEFEA23F3F22): prior to v03.23, ConneXium Tofino OPC-LSM (TCSEFM0000): prior to Firewall host v03.23, and ConneXium Tofino Firewall (TCSEFEA23F3F20/21): All versions

Risk Information

affected product:

ConneXium Tofino Firewall (TCSEFEA23F3F22): prior to v03.23, ConneXium Tofino OPC-LSM (TCSEFM0000): prior to Firewall host v03.23, and ConneXium Tofino Firewall (TCSEFEA23F3F20/21): All versions

Limited Threat

CVE ID

CVE-2021-30062

CVE-2021-30063

CVE-2021-30064

CVE-2021-30065

CVE-2021-30066

CVE-2021-30061

ID

CVE-2021-30062

Source

Dragos

Skill Level

N/A

CVSSV3 BASE / TEMPORAL SCORE

N/a

CVSSV3 vector

N/A

Affecting

  • ConneXium Tofino Firewall (TCSEFEA23F3F22): prior to v03.23, ConneXium Tofino OPC-LSM (TCSEFM0000): prior to Firewall host v03.23, and ConneXium Tofino Firewall (TCSEFEA23F3F20/21): All versions
  • Vulnerability Type

    Use of Default Credentials

    Improper Verification of Cryptographic Signature

    Use of Hard-coded Credentials

    Uncontrolled Resource Consumption

    Resource Exhaustion

    Unauthorized Access

    Disclosure Timeline

    01/11/2022 - Dragos discloses issue