PT-2017-11984 · Belden Hirschmann · Tofino Xenon Security Appliance

Julien Lenoir · Published 2017-11-20 · Updated 2022-04-04 · CVE-2017-11401

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann Tofino Xenon Security Appliance versions prior to 03.2.00

Description: An issue has been discovered that allows an attacker to bypass function code filtering by sending malformed or crafted ModBus packets to a protected asset. This is due to improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter.

Recommendations: For versions prior to 03.2.00, update to version 03.2.00 or later to resolve the issue. As a temporary workaround, consider restricting access to the ModBus DPI filter until a patch is available.
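
The description attributes the bypass to handling of the mbap.length field. As an added example (not Belden's code and not the vendor's fix), the Python below shows a fail-closed consistency check that a filter or IDS rule can apply before trusting a function code: every byte of the payload must belong to a well-formed ADU whose length field matches the bytes received. It assumes the payload is an already reassembled Modbus/TCP stream buffer; the function name `inspect` and the sample frames are constructed for this example.

```python
import struct

MBAP_HDR = 7      # transaction id (2) + protocol id (2) + length (2) + unit id (1)
MAX_LENGTH = 254  # unit id (1) + largest Modbus PDU (253 bytes)

def inspect(payload: bytes, allowed_fcs: set) -> tuple:
    """Fail-closed check of a reassembled Modbus/TCP payload (hypothetical helper).

    Returns (True, "ok") only if every byte belongs to a well-formed ADU
    whose function code is in allowed_fcs; otherwise (False, reason).
    """
    if not payload:
        return False, "empty payload"
    off = 0
    while off < len(payload):
        rest = payload[off:]
        if len(rest) < MBAP_HDR + 1:          # header plus function code
            return False, "truncated ADU"
        _tid, proto, length, _unit = struct.unpack(">HHHB", rest[:MBAP_HDR])
        if proto != 0:
            return False, "protocol id is not Modbus (0)"
        # mbap.length counts the unit id and the PDU, so 2 is the minimum.
        if not 2 <= length <= MAX_LENGTH:
            return False, "mbap.length out of range"
        end = 6 + length                      # length is counted from byte 6 onward
        if end > len(rest):
            return False, "mbap.length exceeds bytes received"
        fc = rest[MBAP_HDR]
        if fc not in allowed_fcs:
            return False, f"function code {fc} not allowed"
        off += end                            # next ADU must start exactly here
    return True, "ok"

# Constructed sample frames (not captured traffic).
READ_REGS = bytes.fromhex("000100000006" "0103" "00000001")   # FC 3
WRITE_REG = bytes.fromhex("000200000006" "0106" "000100ff")   # FC 6

if __name__ == "__main__":
    for name, frame in [("read", READ_REGS), ("write", WRITE_REG),
                        ("read+write", READ_REGS + WRITE_REG)]:
        print(name, inspect(frame, {3}))
```

Because the loop advances by exactly `6 + length`, bytes left over after a short length field are parsed as a further ADU and must pass the same function code check, so nothing reaches the protected asset uninspected.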


Related Identifiers

CVE-2017-11401

Affected Products

Tofino Xenon Security Appliance