Home

Description

Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correctly filter IPv4 multicast and broadcast traffic when management IP address filtering is disabled, allowing configured filter rules to be bypassed. Attackers with network access can inject or observe multicast and broadcast packets that should have been blocked by the firewall.

PUBLISHED Reserved 2026-04-03 | Published 2026-04-03 | Updated 2026-05-12 | Assigner VulnCheck




MEDIUM: 5.4CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

MEDIUM: 5.3CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-284 Improper access control

Product status

Default status
unaffected

Any version
affected

Any version
affected

Any version
unaffected

Default status
unaffected

Any version
affected

Any version
affected

References

assets.belden.com/...LCOS-Layer-2-Firewall-BSECV-2017-03.pdf vendor-advisory

www.vulncheck.com/...wall-multicast-broadcast-traffic-bypass third-party-advisory

cve.org (CVE-2017-20233)

nvd.nist.gov (CVE-2017-20233)

Download JSON