How severe is CVE-2021-30064?

CVE-2021-30064 has a severity rating of 9.8, which is considered critical.

Are there any known fixes for CVE-2021-30064?

Yes, Schneider Electric has released a firmware update to address the vulnerability. It is recommended to update to version 03.23 or later.

Where can I find more information about CVE-2021-30064?

You can find more information about CVE-2021-30064 on Schneider Electric's security advisory page (SEVD-2022-011-05) and Belden's support page.

Vulnerability/
CVE-2021-30064

critical

9.8

CWE

798

3/4/2022

3/8/2024

CVE-2021-30064

Q: What is CVE-2021-30064?

CVE-2021-30064 is a vulnerability found in Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance that allows SSH login with hardcoded default credentials.

Q: What software is affected by CVE-2021-30064?

CVE-2021-30064 affects Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance.

First published: Sun Apr 03 2022(Updated: )

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Belden Tofino Xenon Security Appliance Firmware	<03.2.03
Belden Tofino Xenon Security Appliance Firmware
Belden Tofino Argon Fa-tsa-220-tx/mm Firmware
Belden Tofino Argon Fa-tsa-220-tx/mm
Belden Tofino Argon Fa-tsa-220-tx/tx Firmware
Belden Tofino Argon Fa-tsa-220-tx/tx
Belden Tofino Argon Fa-tsa-220-mm/tx Firmware
Belden Tofino Argon Fa-tsa-220-mm/tx
Belden Tofino Argon Fa-tsa-220-mm/mm Firmware
Belden Tofino Argon Fa-tsa-220-mm/mm
Belden Tofino Argon Fa-tsa-100-tx/tx Firmware
Belden Tofino Argon Fa-tsa-100-tx/tx
Belden Eagle 20 Tofino 943 987-505-mm/mm Firmware
Belden Eagle 20 Tofino 943 987-505-mm/mm
Belden Eagle 20 Tofino 943 987-504-mm/tx Firmware
Belden Eagle 20 Tofino 943 987-504-mm/tx
Belden Eagle 20 Tofino 943 987-502 -tx/mm Firmware
Belden Eagle 20 Tofino 943 987-502
Belden Eagle 20 Tofino 943 987-501-tx/tx Firmware
Belden Eagle 20 Tofino
Schneider-electric Tcsefea23f3f20 Firmware
Schneider-electric Tcsefea23f3f20
Schneider-electric Tcsefea23f3f21 Firmware
Schneider-electric Tcsefea23f3f21
Schneider-electric Tcsefea23f3f22 Firmware	<03.23
Schneider-electric Tcsefea23f3f22

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-30064?
CVE-2021-30064 is a vulnerability found in Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance that allows SSH login with hardcoded default credentials.
How severe is CVE-2021-30064?
CVE-2021-30064 has a severity rating of 9.8, which is considered critical.
What software is affected by CVE-2021-30064?
CVE-2021-30064 affects Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance.
Are there any known fixes for CVE-2021-30064?
Yes, Schneider Electric has released a firmware update to address the vulnerability. It is recommended to update to version 03.23 or later.
Where can I find more information about CVE-2021-30064?
You can find more information about CVE-2021-30064 on Schneider Electric's security advisory page (SEVD-2022-011-05) and Belden's support page.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/belden
canonical/belden tofino xenon security appliance firmware
canonical/belden tofino argon fa-tsa-220-tx/mm firmware
canonical/belden tofino argon fa-tsa-220-tx/mm
canonical/belden tofino argon fa-tsa-220-tx/tx firmware
canonical/belden tofino argon fa-tsa-220-tx/tx
canonical/belden tofino argon fa-tsa-220-mm/tx firmware
canonical/belden tofino argon fa-tsa-220-mm/tx
canonical/belden tofino argon fa-tsa-220-mm/mm firmware
canonical/belden tofino argon fa-tsa-220-mm/mm
canonical/belden tofino argon fa-tsa-100-tx/tx firmware
canonical/belden tofino argon fa-tsa-100-tx/tx
canonical/belden eagle 20 tofino 943 987-505-mm/mm firmware
canonical/belden eagle 20 tofino 943 987-505-mm/mm
canonical/belden eagle 20 tofino 943 987-504-mm/tx firmware
canonical/belden eagle 20 tofino 943 987-504-mm/tx
canonical/belden eagle 20 tofino 943 987-502 -tx/mm firmware
canonical/belden eagle 20 tofino 943 987-502
canonical/belden eagle 20 tofino 943 987-501-tx/tx firmware
canonical/belden eagle 20 tofino
vendor/schneider-electric
canonical/schneider-electric tcsefea23f3f20 firmware
canonical/schneider-electric tcsefea23f3f20
canonical/schneider-electric tcsefea23f3f21 firmware
canonical/schneider-electric tcsefea23f3f21
canonical/schneider-electric tcsefea23f3f22 firmware
canonical/schneider-electric tcsefea23f3f22

CVE-2021-30064

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-30064?

How severe is CVE-2021-30064?

What software is affected by CVE-2021-30064?

Are there any known fixes for CVE-2021-30064?

Where can I find more information about CVE-2021-30064?

Company

Resources

Contact