CVE-2015-10148
Received Received - Intake

Default SSH/SSL Keys in Hirschmann HiLCOS Enable MITM Attacks

Vulnerability report for CVE-2015-10148, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-03

Last updated on: 2026-04-03

Assigner: VulnCheck

Description

Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed, allowing unauthenticated remote attackers to decrypt or intercept encrypted management communications. Attackers can perform man-in-the-middle attacks, impersonate devices, and expose sensitive information by leveraging the shared default cryptographic keys across multiple devices.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-03
Last Modified
2026-04-03
Generated
2026-07-06
AI Q&A
2026-04-04
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
hirschmann hilcos to 8.80 (exc)
hirschmann openbat to 9.10 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-321 The product uses a hard-coded, unchangeable cryptographic key.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to version 8.80 and OpenBAT prior to version 9.10. These devices are shipped with identical default SSH and SSL keys that cannot be changed.

Because the cryptographic keys are shared and unchangeable across multiple devices, unauthenticated remote attackers can exploit this to decrypt or intercept encrypted management communications.

Attackers can perform man-in-the-middle attacks, impersonate devices, and expose sensitive information by leveraging these shared default keys.

Impact Analysis

This vulnerability can have serious security impacts including:

  • Allowing attackers to decrypt or intercept encrypted management communications.
  • Enabling man-in-the-middle attacks where attackers can intercept or alter communications.
  • Allowing attackers to impersonate legitimate devices, potentially gaining unauthorized access.
  • Exposing sensitive information managed by the affected devices.
Compliance Impact

This vulnerability allows unauthenticated remote attackers to decrypt or intercept encrypted management communications by exploiting identical default SSH and SSL keys that cannot be changed. Such exposure of sensitive information and the ability to perform man-in-the-middle attacks can lead to violations of data protection and privacy requirements mandated by common standards and regulations like GDPR and HIPAA.

Specifically, the compromise of encrypted communications and potential exposure of sensitive data may result in non-compliance with confidentiality and integrity requirements, increasing the risk of regulatory penalties and loss of trust.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2015-10148. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart