LeakyCreds

CVE-2021-4477 - Vulnerability Analysis

Critical | CVSS: 9.1

Last Updated: April 3, 2026

Hirschmann HiLCOS OpenBAT & BAT450 - Firewall Bypass

Published: April 3, 2026 | Updated: April 3, 2026 | Remote Exploitable

Overview

Hirschmann HiLCOS OpenBAT and BAT450 contain a firewall bypass vulnerability caused by improper enforcement of firewall rules in IPv6 IPsec deployments. Attackers can bypass firewall policies via IPv6 IPsec connections. Exploitation requires the attacker to establish IPv6 IPsec connections while using IPv6 Internet.

Severity & Score

Severity: Critical
CVSS Score: 9.1

Impact

Attackers can bypass firewall rules, potentially allowing unauthorized network access and data exposure.

Mitigation

Update to the latest available version with firewall enforcement fixes.

Details

CVE ID: CVE-2021-4477
Severity: Critical
CVSS Score: 9.1
Status: new

CWE

  • CWE-284

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N