LeakyCreds

CVE-2018-25237 - Vulnerability Analysis

Critical
CVSS: 9.8

Last Updated: April 3, 2026

Hirschmann HiSecOS - Buffer Overflow

Published: April 3, 2026
Updated: April 3, 2026
Remote Exploitable

Overview

Hirschmann HiSecOS versions before 05.3.03 contain a buffer overflow caused by improper bounds checking in the HTTPS login interface when RADIUS authentication is enabled. Remote attackers can cause a denial of service or execute arbitrary code. Exploitation requires RADIUS authentication to be enabled.

Severity & Score

Severity: Critical
CVSS Score: 9.8

Impact

Remote attackers can cause device crashes or execute arbitrary code, potentially leading to full system compromise.

Mitigation

Update to version 05.3.03 or later.

Details

CVE ID: CVE-2018-25237
Severity: Critical
CVSS Score: 9.8
Type: buffer_overflow
Status: new

CWE

  • CWE-120

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H