Medium severity6.8NVD Advisory· Published Nov 20, 2017· Updated Jun 17, 2026
CVE-2017-11400
CVE-2017-11400
Description
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. An incomplete firmware signature allows a local attacker to upgrade the equipment (kernel, file system) with unsigned, attacker-controlled, data. This occurs because the appliance_config file is signed but the .tar.sec file is unsigned.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:o:belden:tofino_xenon_security_appliance_firmware:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:belden:tofino_xenon_security_appliance_firmware:*:*:*:*:*:*:*:*range: <=3.1.0
- (no CPE)range: <03.2.00
- (no CPE)range: <03.2.00
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.