Cyber Posture

CVE-2018-25237

CriticalPublic PoC

Published: 03 April 2026

Published
03 April 2026
Modified
07 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0010 27.8th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than…

more

128 characters. Attackers can exploit improper bounds checking in password handling to overflow a fixed-size buffer and achieve denial of service or remote code execution.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Requires validation of all inputs including password lengths to prevent buffer overflows from oversized submissions in the HTTPS login interface.

SI-16 Memory Protection good match
prevent

Implements memory protection mechanisms like stack guards and non-executable memory to mitigate exploitation of buffer overflows for code execution or crashes.

SI-2 Flaw Remediation good match
prevent

Mandates timely flaw remediation through patching the known buffer overflow vulnerability in Hirschmann HiSecOS devices.

Security SummaryAI

CVE-2018-25237 is a buffer overflow vulnerability (CWE-120) in Hirschmann HiSecOS devices versions prior to 05.3.03. The flaw exists in the HTTPS login interface when RADIUS authentication is enabled, stemming from improper bounds checking in password handling. Remote attackers can trigger the overflow by submitting a password longer than 128 characters, corrupting a fixed-size buffer.

This vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with network accessibility, low attack complexity, no required privileges or user interaction, and potential for high confidentiality, integrity, and availability impacts. Unauthenticated remote attackers can exploit it to crash the device, causing denial of service, or achieve arbitrary code execution.

Advisories detail mitigations, including the Belden Security Bulletin BSECV-2018-04 at https://assets.belden.com/m/2d5657b3e5d721c6/original/Security-Bulletin-RADIUS-Authentication-BSECV-2018-04.pdf and the VulnCheck advisory at https://www.vulncheck.com/advisories/hirschmann-hisecos-buffer-overflow-via-https-login.

Details

CWE(s)
CWE-120

References