Hardcoded Default Credentials Vulnerability in Schneider Electric ConneXium Tofino Firewall and Belden Tofino Xenon Security Appliance

CVE-2021-30064 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).

Learn more about our Web Application Penetration Testing UK.