CVE-2018-25237: Critical Buffer Overflow in HiSecOS v0-05.3.03
Platform
linux
Component
hirschmann-hisecos
Fixed in
05.3.03
CVE-2018-25237 is a buffer overflow vulnerability in Hirschmann HiSecOS devices. It allows a remote attacker to crash the device or, more critically, to execute arbitrary code. The vulnerability affects versions 0 through 05.3.03 of HiSecOS and is triggered by submitting a password longer than 128 characters when RADIUS authentication is enabled. A patch is available in version 05.3.03.
How to fix
No official patch available. Check for workarounds or monitor for updates.
Frequently asked questions
What is CVE-2018-25237?
CVE-2018-25237 is a critical buffer overflow vulnerability in Hirschmann HiSecOS. It occurs when RADIUS authentication is enabled and a password longer than 128 characters is submitted, potentially leading to a device crash or remote code execution.
Am I affected by CVE-2018-25237?
You are potentially affected if you are using Hirschmann HiSecOS versions 0 through 05.3.03 with RADIUS authentication enabled. It is crucial to assess your environment and apply the available patch if you are vulnerable.
How do I fix CVE-2018-25237?
The vulnerability is fixed in version 05.3.03 of HiSecOS. Upgrade your devices to this version to mitigate the risk of exploitation. Ensure RADIUS authentication is properly configured and monitored.