Issue
A change was made to the TCSESM series switch firmware to fix an SNMPV3 authentication vulnerability.
Product Line
The Connexium products affected by this vulnerability with version 8.04 or lower are:
Resolution
The implementation of SNMPv3 contains a vulnerability that may allow authentication bypass if specifically, crafted packets are used.
To resolve this vulnerability, upgrade the Connexium switch to V8.09 or greater.
A change was made to the TCSESM series switch firmware to fix an SNMPV3 authentication vulnerability.
Product Line
The Connexium products affected by this vulnerability with version 8.04 or lower are:
| TCSESM043F23F0 | TCSESM103F23G0 | TCSESM063F2CU1C |
| TCSESM043F1CU0 | TCSESM103F2LG0 | TCSESM063F2CS1C |
| TCSESM043F2CU0 | TCSESM163F23F0 | |
| TCSESM043F1CS0 | TCSESM163F2CU0 | |
| TCSESM043F2CS0 | TCSESM163F2CS0 | |
| TCSESM083F23F0 | TCSESM243F2CU0 | |
| TCSESM083F1CU0 | TCSESM083F23F1 | |
| TCSESN083F2CU0 | TCSESM063F2CU1 | |
| TCSESM083F1CS0 | TCSESM063F2CS1 | |
| TCSESM083F2CS0 | TCSESM083F23F1C |
Resolution
The implementation of SNMPv3 contains a vulnerability that may allow authentication bypass if specifically, crafted packets are used.
To resolve this vulnerability, upgrade the Connexium switch to V8.09 or greater.
Released for: Schneider Electric Egypt and North East Africa
Need help?
Product Selector
Quickly and easily find the right products and accessories for your applications.
Get a Quote
Start your sales enquiry online and an expert will connect with you.
Where to buy?
Easily find the nearest Schneider Electric distributor in your location.
Help Center
Find support resources for all your needs, in one place.
