CVE-2018-25236 - Vulnerability Details

- Hirschmann HiOS HiSecOS Authentication Bypass via HTTP Management

Description

Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed HTTP requests. Attackers can exploit improper authentication handling to obtain the authentication status and privileges of a previously authenticated user without providing valid credentials.

Published: 2026-04-03

Score: 9.3 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An authentication bypass flaw in the HTTP(S) management interface of Hirschmann HiOS and HiSecOS allows an unauthenticated attacker to craft requests that reveal the authentication status of a user who had previously logged in. The flaw stems from improper enforcement of authentication checks, mapping to CWE‑287. If exploited, the attacker can gain administrative privileges on the system, potentially compromising confidentiality, integrity, and availability of the device.

Affected Systems

The vulnerability affects Belden Hirschmann HiOS and HiSecOS EAGLE products. Specific series impacted include RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, and the EAGLE management platform. No version ranges are stated in the available data.

Risk and Exploitability

With a CVSS score of 9.3, the flaw is considered critical. Although EPSS data is not available, the absence of a known exploit in the KEV catalog does not mitigate the risk. The likely attack vector is a remote HTTP(S) request to the management interface, and the vulnerability can be triggered without credentials or prior user interaction, making it straightforward for attackers to obtain full administrative control.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Belden

Hirschmann HiOS

unaffected

Version	Status	Constraints
`0`	affected	≤ 05.07
`0`	affected	≤ 06.1.04
`0`	affected	≤ 06.2.00
`06.1.05`	unaffected	—
`07.0.00`	unaffected	—
`03.1.00`	unaffected	—

Belden

Hirschmann HiSecOS EAGLE

unaffected

Version	Status	Constraints
`0`	affected	≤ 03.00.02
`03.0.03`	unaffected	—

No data.

Vendor Product Confidence Versions

Belden

Hirschmann Hios

100%

Version	Status	Scheme	Platform
`[0,05.07]`	affected	generic	—
`[0,06.1.04]`	affected	generic	—
`[0,06.2.00]`	affected	generic	—
`06.1.05`	unaffected	generic	—
`07.0.00`	unaffected	generic	—
`03.1.00`	unaffected	generic	—

Belden

Hirschmann Hisecos

89%

Version	Status	Scheme	Platform
`[0,03.00.02]`	affected	generic	—
`03.0.03`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest security patch for Hirschmann HiOS and HiSecOS as distributed by Belden.
If an official patch is unavailable or delayed, restrict external access to the HTTP management interface or place it behind a secure VPN or firewall.
Verify that authentication mechanisms are enabled on the web server and that the device is not accepting unauthenticated requests.
Review device logs for unexpected authentication status responses and investigate any anomalies.

Generated by OpenCVE AI on April 4, 2026 at 01:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00026.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://assets.belden.com/m/52ecadbb5f1b0e04/original/Security-Bulletin-Web-Server-Authentication-Bypass-HiOS-HiSecOS-Hirschmann-BSECV-2018-05.pdf
https://www.vulncheck.com/advisories/hirschmann-hios-hisecos-authentication-bypass-via-http-management

History

Tue, 07 Apr 2026 00:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Belden Belden hirschmann Hios Belden hirschmann Hisecos
Vendors & Products		Belden Belden hirschmann Hios Belden hirschmann Hisecos

Mon, 06 Apr 2026 16:45:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 03 Apr 2026 22:45:00 +0000

Type	Values Removed	Values Added
Description		Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed HTTP requests. Attackers can exploit improper authentication handling to obtain the authentication status and privileges of a previously authenticated user without providing valid credentials.
Title		Hirschmann HiOS HiSecOS Authentication Bypass via HTTP Management
Weaknesses		CWE-287
References		https://assets.belden.com/m/52ecadbb5f1b0e04/original/Security-Bulletin-Web-Server-Authentication-Bypass-HiOS-HiSecOS-Hirschmann-BSECV-2018-05.pdf https://www.vulncheck.com/advisories/hirschmann-hios-hisecos-authentication-bypass-via-http-management
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}` cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

Subscriptions

Belden Hirschmann Hios Hirschmann Hisecos

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2026-04-03T22:44:43.486Z

Updated: 2026-04-06T15:29:05.743Z

Reserved: 2026-04-03T17:10:57.779Z

Link: CVE-2018-25236

Vulnrichment

Updated: 2026-04-06T15:03:15.192Z

NVD

Status : Awaiting Analysis

Published: 2026-04-03T23:17:00.823

Modified: 2026-04-07T13:20:55.200

Link: CVE-2018-25236

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-06T22:21:38Z

Weaknesses

CWE-287

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object