Description
HiOS Switch Platform versions 09.1.00 prior to 09.4.05 and 10.3.01 contain a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an uncontrolled reboot condition through crafted HTTP requests to cause service disruption and unavailability of the switch.
Published: 2026-04-02
Score: 9.2 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

The flaw in the HiOS Switch Platform web interface lets a remote attacker send a crafted HTTP GET request to a specific endpoint, causing the device to reboot. Because the endpoint performs no authentication or input validation, it accepts arbitrary requests, resulting in an uncontrolled reboot that takes the switch offline for an indeterminate period. This is a missing-authentication weakness (CWE-306, Missing Authentication for Critical Function) that leads to a denial-of-service condition.

Affected Systems

Affected products are the Belden Hirschmann HiOS Switch Platform. Versions 09.1.00 up through 09.4.04 and the 10.3.01 release contain the flaw. Firmware releases 09.4.05 and later, and any newer 10.3.x releases, are not susceptible.

Risk and Exploitability

With a CVSS score of 9.2, the vulnerability is rated critical. An attacker can exploit it simply by sending a malicious HTTP GET request over the network to the vulnerable endpoint, with no credentials required. EPSS data is not available, and the flaw is not listed in the CISA KEV catalog, but the high severity score and the ease of exploitation mean that any network from which the switch's web interface is reachable is at risk of abrupt service disruption. Timely patching or network segmentation is essential to mitigate potential downtime.

Generated by OpenCVE AI on April 3, 2026 at 01:50 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware release that incorporates the fix (09.4.05 or newer in the 09.4.x line and any newer 10.3.x releases).
  • Limit or isolate web-interface access to trusted networks, or disable the vulnerable endpoint if the vendor provides a configuration option.
  • Monitor the device for unexpected reboots after patching or access restriction to confirm the effectiveness of the mitigation.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 22:45:00 +0000


Fri, 03 Apr 2026 16:30:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 03 Apr 2026 10:15:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Belden; Belden hirschmann Hios Switch Platform

Type: Vendors & Products
Values Removed: (none)
Values Added: Belden; Belden hirschmann Hios Switch Platform

Thu, 02 Apr 2026 23:00:00 +0000

Type: Description
Values Removed: HiOS Switch Platform contains a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an uncontrolled reboot condition through crafted HTTP requests to cause service disruption and unavailability of the switch.
Values Added: HiOS Switch Platform versions 09.1.00 prior to 09.4.05 and 10.3.01 contains a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an uncontrolled reboot condition through crafted HTTP requests to cause service disruption and unavailability of the switch.

Thu, 02 Apr 2026 20:45:00 +0000

Type: Description
Values Removed: (none)
Values Added: HiOS Switch Platform contains a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an uncontrolled reboot condition through crafted HTTP requests to cause service disruption and unavailability of the switch.

Type: Title
Values Removed: (none)
Values Added: HiOS Switch Platform Denial-of-Service via Web Interface

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-306

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_1 {'score': 9.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H'}; cvssV4_0 {'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H'}


Subscriptions

Belden Hirschmann Hios Switch Platform
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Updated: 2026-04-03T22:24:26.625Z

Reserved: 2026-04-01T21:14:41.757Z

Link: CVE-2025-15620

Vulnrichment

Updated: 2026-04-03T15:38:26.788Z

NVD

Status: Awaiting Analysis

Published: 2026-04-02T21:16:40.137

Modified: 2026-04-03T23:17:03.417

Link: CVE-2025-15620

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T09:16:12Z

Weaknesses