Description

Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are synchronized with SNMPv1/v2 community strings and transmitted in plaintext when the feature is enabled. Attackers with local network access can sniff SNMP traffic or extract configuration data to recover plaintext credentials and gain unauthorized administrative access to the switches.

PUBLISHED Reserved 2026-04-03 | Published 2026-04-03 | Updated 2026-05-14 | Assigner VulnCheck




HIGH: 8.1 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)

HIGH: 8.6 (CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)

Problem types

CWE-257: Storing Passwords in a Recoverable Format

Product status

Default status: affected

>= 09.0.06 (custom): unaffected

>= 05.3.07 (custom): unaffected

Any version: affected

Any version: affected

References

assets.belden.com/...sword-Sync-SNMP-v1-v2-BSECV-2016-12.pdf vendor-advisory

www.kb.cert.org/vuls/id/507216

www.vulncheck.com/...sic-platform-password-exposure-via-snmp third-party-advisory

cve.org (CVE-2016-15058)

nvd.nist.gov (CVE-2016-15058)
