{"vulnerability": "cve-2021-3006", "sightings": [{"uuid": "cf679a80-2920-4fae-b9be-4a6bab5cae65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30063", "type": "seen", "source": "https://t.me/cibsecurity/40084", "content": "\u203c CVE-2021-30063 \u203c\n\nOn Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can cause an OPC enforcer denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-04T02:27:14.000000Z"}, {"uuid": "cd5cf35d-a973-4315-b772-fc19e60387f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30066", "type": "seen", "source": "https://t.me/cibsecurity/40082", "content": "\u203c CVE-2021-30066 \u203c\n\nOn Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed. NOTE: this issue exists because of an incomplete fix of CVE-2017-11400.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-04T02:27:11.000000Z"}, {"uuid": "073c82da-7de0-4664-bbad-122c1b5f7cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30065", "type": "seen", "source": "https://t.me/cibsecurity/40079", "content": "\u203c CVE-2021-30065 \u203c\n\nOn Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists because of an incomplete fix of CVE-2017-11401.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-04T02:27:07.000000Z"}, {"uuid": "756d3e00-598f-4247-8355-5acb23a4d365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30064", "type": "seen", "source": "https://t.me/cibsecurity/40078", "content": "\u203c CVE-2021-30064 \u203c\n\nOn Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-04T02:27:06.000000Z"}, {"uuid": "14e030fa-9ca9-41f9-bc20-c1a522ce40f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30062", "type": "seen", "source": "https://t.me/cibsecurity/40077", "content": "\u203c CVE-2021-30062 \u203c\n\nOn Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can bypass the OPC enforcer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-04T02:27:05.000000Z"}, {"uuid": "76d929b5-4bd8-49ec-a3f8-1d75240e7bbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30061", "type": "seen", "source": "https://t.me/cibsecurity/40075", "content": "\u203c CVE-2021-30061 \u203c\n\nOn Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-04T02:27:03.000000Z"}, {"uuid": "bc0d1825-2b3c-4375-a81f-a4ffa42ccb92", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3006", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/41c944c1-58b6-4543-90c0-e512cb5203cb", "content": "", "creation_timestamp": "2026-06-19T12:48:07.111453Z"}]}