ConneXium Tofino Firewall and Loadable Security Modules

Plan Patch8.1SEVD-2022-011-05Jan 11, 2022

Attack VectorNetwork

Auth RequiredNone

ComplexityHigh

User InteractionNone needed

Summary

Multiple vulnerabilities in ConneXium Tofino Firewall and associated Loadable Security Modules (LSM) products used to protect industrial control systems at the LAN level. These devices are deployed in front of HMI, DCS, PLC, and RTU control devices. Vulnerabilities could lead to Denial of Service, local code execution, and firmware injection, resulting in service interruption, unexpected device behavior, or unauthorized configuration changes to permit malicious network traffic.

What this means

What could happen

An attacker could inject malicious firmware into the Tofino firewall or cause it to stop processing traffic, preventing it from protecting downstream control systems like PLCs and RTUs. This could allow unauthorized commands to reach critical industrial devices and disrupt operations.

Who's at risk

Water utilities and electric utilities operating industrial networks with Schneider Electric ConneXium Tofino Firewalls protecting HMI, DCS, PLC, or RTU systems. Manufacturing and transportation facilities using these firewalls for network segmentation and ICS protection are also affected.

How it could be exploited

An attacker with network access to the Tofino firewall could exploit one or more of the underlying vulnerabilities to execute code locally, inject firmware, or trigger a denial of service condition. This would compromise the firewall's ability to filter and protect traffic to downstream control devices.

Prerequisites

Network access to ConneXium Tofino Firewall
Device running firmware version earlier than v03.23

Remotely exploitableHigh CVSS score (8.1)Affects network perimeter defenseFirmware injection capabilityCould allow unauthorized control system access

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

ConneXium Tofino Firewall <v03.23<v03.23v03.23

ConneXium Tofino Firewall <all<allv03.23

ConneXium Tofino OPCLSM <Firewall host<Firewall host version v03.23Firewall host version v03.23

Remediation & Mitigation

0/3

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade ConneXium Tofino Firewall to firmware version v03.23 or later

HOTFIXUpgrade ConneXium Tofino OPCLSM (OPC-UA Loadable Security Module) to version v03.23 compatible firmware

HARDENINGVerify firewall configuration and rule sets after upgrade to ensure protection policies remain in place

CVEs (6)

CVE-2021-30061 CVE-2021-30064 CVE-2021-30065 CVE-2021-30066 CVE-2021-30062 CVE-2021-30063

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/45ce6f98-989b-4ced-bf50-a60b1b7fd43a