CVE-2016-15058

Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are synchronized with SNMPv1/v2 community strings and transmitted in plaintext when the feature is...

EUVD-2018-17235

Malware in sbrugna...

The vulnerability of the HiOS operating system with respect to Belden Hirschmann’s OS2, RSP, and RSPE network switches allows a hacker to cause maintenance failures.

The vulnerability of the HiOS operating system regarding Belden Hirschmann’s OS2, RSP, and RSPE network switches is related to resource release errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...

Denial of Service Vulnerability in MM2-4TX2

Applications for Hirschmann switches include office communications, production automation, process control, traffic control, as well as stand-alone machine and equipment control systems. A denial of service vulnerability exists in MM2-4TX2, which can be exploited by attackers to cause a denial of...

The vulnerability of the web interface of Belden Hirschmann’s network switches models RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS allows a perpetrator to carry out a brute-force attack.

The vulnerability of Belden Hirschmann’s network switches models RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS lies in the insufficient limitation on authentication attempts. Exploiting this vulnerability allows a remote attacker to execute a brute-force attack...

User Forgery Vulnerability in Multiple Belden Hirschmann Switch Products

Belden Hirschmann RS, etc. are switch products of Belden USA. A security vulnerability exists in the web interface in several Belden Hirschmann switch products. An attacker could exploit the vulnerability to spoof legitimate users...

Multiple Belden Hirschmann Switch Products Brute Force Vulnerabilities

Belden Hirschmann RS, etc. are switch products of Belden USA. A security vulnerability exists in the web interface of multiple Belden Hirschmann switch products, which stems from the program failing to properly limit the number of authentication requests. An attacker could use this vulnerability ...

Man-in-the-middle attack vulnerability in multiple Belden Hirschmann switch products (CNVD-2018-04783)

Belden Hirschmann RS, etc. are switch products of Belden USA. A security vulnerability exists in the web interface of several Belden Hirschmann switch products. An attacker could exploit this vulnerability to obtain sensitive information by performing a man-in-the-middle attack...

CVE-2018-5471

A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A cleartext transmission of sensitive information vulnerability in the web interface has been identified, which may all...

PT-2017-08: Information Exposure in Hirschmann Automation and Control GmbH Classic Platform Switches

The specialists of the Positive Research center have detected an Information Exposure vulnerability in Hirschmann Automation and Control GmbH Classic Platform Switches. An information exposure through query strings vulnerability in the web interface of Belden Hirschmann RS, RSR, RSB, MACH100,...

Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default

Overview Hirschmann "Classic Platform" switches contain a password sync feature that syncs the switch administrator password with the SNMP community password, exposing the administrator password to attackers on the local network. Description CWE-257: Storing Passwords in a Recoverable Format For...