{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2018-25237", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-03T21:16:19.764Z", "datePublished": "2026-04-03T21:22:40.634Z", "dateUpdated": "2026-04-06T15:29:16.419Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-03T21:22:40.634Z"}, "title": "Hirschmann HiSecOS Buffer Overflow via HTTPS Login", "descriptions": [{"lang": "en", "value": "Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers can exploit improper bounds checking in password handling to overflow a fixed-size buffer and achieve denial of service or remote code execution."}], "datePublic": "2018-02-26T00:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "type": "CWE"}]}], "affected": [{"vendor": "Belden", "product": "Hirschmann HiSecOS Classic Firewall (EAGLE, EAGLE One)", "versions": [{"status": "unaffected", "version": "05.3.03", "versionType": "custom"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "05.3.02"}], "defaultStatus": "affected"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "version": "3.1", "baseSeverity": "CRITICAL", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "CRITICAL", "baseScore": 9.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "references": [{"url": "https://assets.belden.com/m/2d5657b3e5d721c6/original/Security-Bulletin-RADIUS-Authentication-BSECV-2018-04.pdf", "tags": ["vendor-advisory"]}, {"url": "https://www.vulncheck.com/advisories/hirschmann-hisecos-buffer-overflow-via-https-login", "tags": ["third-party-advisory"]}], "source": {"discovery": "EXTERNAL"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T15:03:26.960858Z", "id": "CVE-2018-25237", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:29:16.419Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-25237", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-06T15:03:26.960858Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:03:32.168Z"}}], "cna": {"title": "Hirschmann HiSecOS Buffer Overflow via HTTPS Login", "source": {"discovery": "EXTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Belden", "product": "Hirschmann HiSecOS Classic Firewall (EAGLE, EAGLE One)", "versions": [{"status": "unaffected", "version": "05.3.03", "versionType": "custom"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "05.3.02"}], "defaultStatus": "affected"}], "datePublic": "2018-02-26T00:00:00.000Z", "references": [{"url": "https://assets.belden.com/m/2d5657b3e5d721c6/original/Security-Bulletin-RADIUS-Authentication-BSECV-2018-04.pdf", "tags": ["vendor-advisory"]}, {"url": "https://www.vulncheck.com/advisories/hirschmann-hisecos-buffer-overflow-via-https-login", "tags": ["third-party-advisory"]}], "descriptions": [{"lang": "en", "value": "Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers can exploit improper bounds checking in password handling to overflow a fixed-size buffer and achieve denial of service or remote code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-03T21:22:40.634Z"}}}, "cveMetadata": {"cveId": "CVE-2018-25237", "state": "PUBLISHED", "dateUpdated": "2026-04-06T15:29:16.419Z", "dateReserved": "2026-04-03T21:16:19.764Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-03T21:22:40.634Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers can exploit improper bounds checking in password handling to overflow a fixed-size buffer and achieve denial of service or remote code execution."}], "id": "CVE-2018-25237", "lastModified": "2026-04-07T13:20:55.200", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-03T22:16:24.740", "references": [{"source": "disclosure@vulncheck.com", "url": "https://assets.belden.com/m/2d5657b3e5d721c6/original/Security-Bulletin-RADIUS-Authentication-BSECV-2018-04.pdf"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/hirschmann-hisecos-buffer-overflow-via-https-login"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "05.3.03"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,05.3.02]"}}], "original": {"product": "Hirschmann HiSecOS Classic Firewall (EAGLE, EAGLE One)", "source": "cna", "vendor": "Belden"}, "product": "hirschmann_eagle_one", "vendor": "belden"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "05.3.03"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,05.3.02]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Hirschmann HiSecOS Classic Firewall (EAGLE, EAGLE One)", "source": "cna", "vendor": "Belden"}, "product": "hirschmann_hisecos", "vendor": "belden"}], "analysis": {"en": {"generated_at": "2026-04-03T23:22:38.162243+00:00", "value": {"mitigation_remediation": ["Apply the vendor\u2019s firmware update to version 05.3.03 or later. This patch removes the improper bounds checking in the password handler.", "If upgrading immediately is not possible, disable RADIUS authentication on the HTTPS login interface or block HTTPS traffic to the device until a patch is applied. This prevents the overflowing input from reaching the vulnerable routine.", "Monitor the system logs for repeated login attempts with unusually long passwords and alert any suspicious activity."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution and Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Hirschmann HiSecOS Classic Firewalls, including the EAGLE and EAGLE One variants, on all firmware releases prior to 05.3.03. Users of these devices should identify whether their firewall software predates that version and hence is susceptible.", "description_and_impact": "A buffer overflow exists in the HTTPS login interface of Hirschmann HiSecOS devices when RADIUS authentication is used. The flaw arises when a password longer than 128 characters is submitted, overwhelming a fixed\u2011size buffer. An attacker can exploit this to crash the device or potentially execute arbitrary code, resulting in a denial of service or full compromise of the system. The weakness is a classic buffer overflow (CWE\u2011120).", "risk_and_exploitability": "The CVSS score of 9.3 labels this issue as critical. Although an EPSS score is not provided, the high severity and the remote nature of the attack suggest a reasonable likelihood of exploitation. It is not listed in the CISA KEV catalog, but it remains a high\u2011risk vulnerability because attackers can trigger it simply by attempting a login via HTTPS. The most probable attack vector is a remote attacker sending a login request with an excessively long password over an HTTPS session while RADIUS authentication is enabled."}}}}, "created": "2026-04-06T21:22:28.701970+00:00", "updated": "2026-04-06T22:22:06.808485+00:00", "vendors": ["belden", "belden$PRODUCT$hirschmann_eagle_one", "belden$PRODUCT$hirschmann_hisecos"]}