EUVD-2015-9425

🗓️ 04 Apr 2026 00:31:26Reported by EUVDType

Hirschmann HiLCOS OpenBAT, WLC, BAT300, BAT54 ship with unchangeable default keys, enabling man in middle attacks.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2015-10148	3 Apr 202621:42	–	attackerkb
Circl	CVE-2015-10148	3 Apr 202623:07	–	circl
CNNVD	Belden多款产品安全漏洞	3 Apr 202600:00	–	cnnvd
CVE	CVE-2015-10148	3 Apr 202621:42	–	cve
Cvelist	CVE-2015-10148 Hirschmann HiLCOS Hard-coded Credentials SSH SSL Keys	3 Apr 202621:42	–	cvelist
NVD	CVE-2015-10148	3 Apr 202622:16	–	nvd
Positive Technologies	PT-2026-30245	3 Apr 202600:00	–	ptsecurity
Vulnrichment	CVE-2015-10148 Hirschmann HiLCOS Hard-coded Credentials SSH SSL Keys	3 Apr 202621:42	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "b385a25b-dfa5-3ed6-b3ca-c05b5a2d37cb",
        "vendor": {
          "name": "Belden"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "40bf094d-4ad7-3b5c-8487-2db6aa804d52",
        "product": {
          "name": "Hirschmann HiLCOS"
        },
        "product_version": "patch: >= 9.10"
      },
      {
        "id": "6c62b954-12de-308d-8721-12351bd3412e",
        "product": {
          "name": "Hirschmann HiLCOS"
        },
        "product_version": "0 ≤8.60"
      },
      {
        "id": "ac653394-0795-325d-90a7-b6e09381a178",
        "product": {
          "name": "Hirschmann HiLCOS"
        },
        "product_version": "0 ≤8.80"
      },
      {
        "id": "e4653334-ea42-34d3-93ee-32233d8d6869",
        "product": {
          "name": "Hirschmann HiLCOS"
        },
        "product_version": "0 ≤9.00-RU1"
      }
    ]
  }
]

Source	Link
assets	www.assets.belden.com/m/76d31798e65c9f47/original/Security-Bulletin-SSH-SSL-Default-Keys-HiLCOS-Hirschmann-BSECV-2015-12.pdf
vulncheck	www.vulncheck.com/advisories/hirschmann-hilcos-hard-coded-credentials-ssh-ssl-keys
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-10148

04 Apr 2026 00:31Current

5.9Medium risk

Vulners AI Score5.9

CVSS 48.8

CVSS 3.18.2

EPSS0.00002