Skip to main content
Security Advisory

Tofino Xenon Security Appliance

Restrict physical access to the device. Only purchase the SA from trustworthy sources. Disconnect the appliance from the network when in the DECOMMISSIONED state. If possible, disable the OPC Classic DPI (Enforcer). Enable the device’s syslog feature and monitor for DECOMMISSIONED mode and unexpected configuration updates.

Risk Information

affected product:

Tofino Xenon 3.2 and below, Eaton Tofino 2.2.01 and below, Eagle20 Tofino 2.2.01 and below, Exxon Tofino 2.2.00 and below

Limited Threat

CVE ID

CVE-2021-30061

CVE-2021-30062

CVE-2021-30063

CVE-2021-30064

CVE-2021-30065

CVE-2021-30066

ID

CVE-2021-30061

Source

Dragos

Skill Level

N/A

CVSSV3 BASE / TEMPORAL SCORE

N/A

CVSSV3 vector

N/A

Affecting

  • Tofino Xenon 3.2 and below, Eaton Tofino 2.2.01 and below, Eagle20 Tofino 2.2.01 and below, Exxon Tofino 2.2.00 and below
  • Vulnerability Type

    Use of Default Credentials

    Improper Verification of Cryptographic Signature

    Use of Hard-coded Credentials

    Uncontrolled Resource Consumption

    Modbus DPI bypass

    Firmware signature verification bypass via USB

    Disclosure Timeline

    04/23/2021 - Dragos discloses issue