CVE-2017-11402

Name of the Vulnerable Software and Affected Versions Belden Hirschmann Tofino Xenon Security Appliance versions prior to 03.2.00

Description The issue is related to design flaws in OPC classic and custom netfilter modules, allowing an attacker to remotely activate rules on the firewall and connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology involves a crafted OPC dynamic port shift. This is due to errors in security settings of the OPC Classic protocol implementation.

Recommendations For versions prior to 03.2.00, update to version 03.2.00 or later to resolve the issue. As a temporary workaround, consider restricting access to the OPC classic protocol and custom netfilter modules to minimize the risk of exploitation.