CVE-2015-10148 - Vulnerability Analysis

Overview

Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 < 8.80 and OpenBAT < 9.10 contain a weak cryptography vulnerability caused by identical default SSH and SSL keys that cannot be changed, letting unauthenticated remote attackers perform man-in-the-middle attacks and intercept encrypted management communications, exploit requires use of default keys.

Severity & Score

Impact

Unauthenticated attackers can intercept and decrypt management communications, impersonate devices, and expose sensitive information.

Mitigation

Update to versions 8.80 or later for BAT300, BAT54 and WLC, and 9.10 or later for OpenBAT or latest available versions.

References

• https://assets.belden.com/m/76d31798e65c9f47/original/Security-Bulletin-SSH-SSL-Default-Keys-HiLCOS-Hirschmann-BSECV-2015-12.pdf
• https://www.vulncheck.com/advisories/hirschmann-hilcos-hard-coded-credentials-ssh-ssl-keys

Related Resources

• Vulnerability Intelligence Dashboard
• Credential Scanner