What upgrades were made to a Connexium TCSESB V5.36 switch?
Issue
The implementation of SNMPv3 in TCSESB series switches contains a vulnerability that may allow authentication bypass if specifically, crafted packets are used.
Product Line
The Connexium products affected by this vulnerability with version 5.35 or lower are:
TCSESB083F23F0
TCSESB083F2CU0
TCSESB093F2CU0
Resolution
A change was made to the TCSESB series switch firmware to fix this SNMPV3 authentication vulnerability.
To resolve this vulnerability, upgrade the Connexium switch firmware to V5.36 or greater.
The implementation of SNMPv3 in TCSESB series switches contains a vulnerability that may allow authentication bypass if specifically, crafted packets are used.
Product Line
The Connexium products affected by this vulnerability with version 5.35 or lower are:
TCSESB083F23F0
TCSESB083F2CU0
TCSESB093F2CU0
Resolution
A change was made to the TCSESB series switch firmware to fix this SNMPV3 authentication vulnerability.
To resolve this vulnerability, upgrade the Connexium switch firmware to V5.36 or greater.
Released for: Schneider Electric Canada
