CVE-2015-10148 Hirschmann HiLCOS Hard-coded Credentials SSH SSL Keys

🗓️ 03 Apr 2026 21:42:51Reported by VulnCheckType

Hirschmann HiLCOS devices ship with identical unchangeable keys enabling interception and impersonation.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2015-10148	3 Apr 202621:42	–	attackerkb
Circl	CVE-2015-10148	3 Apr 202623:07	–	circl
CNNVD	Belden多款产品安全漏洞	3 Apr 202600:00	–	cnnvd
CVE	CVE-2015-10148	3 Apr 202621:42	–	cve
EUVD	EUVD-2015-9425	4 Apr 202600:31	–	euvd
NVD	CVE-2015-10148	3 Apr 202622:16	–	nvd
Positive Technologies	PT-2026-30245	3 Apr 202600:00	–	ptsecurity
Vulnrichment	CVE-2015-10148 Hirschmann HiLCOS Hard-coded Credentials SSH SSL Keys	3 Apr 202621:42	–	vulnrichment

[
  {
    "vendor": "Belden",
    "product": "Hirschmann HiLCOS",
    "versions": [
      {
        "status": "affected",
        "version": "9.00",
        "versionType": "custom",
        "lessThanOrEqual": "9.00-RU1"
      },
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "8.80"
      },
      {
        "status": "unaffected",
        "version": "9.10",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "affected"
  }
]

Source	Link
assets	www.assets.belden.com/m/76d31798e65c9f47/original/Security-Bulletin-SSH-SSL-Default-Keys-HiLCOS-Hirschmann-BSECV-2015-12.pdf
vulncheck	www.vulncheck.com/advisories/hirschmann-hilcos-hard-coded-credentials-ssh-ssl-keys

25 May 2026 23:40Current

CVSS 3.18.2

CVSS 48.8

EPSS0.00002

CWE-321