Hirschmann HiLCOS Classic L2E
cpe:2.3:h:belden:hirschmann_l2e:*:*:*:*:*:*:*
- <= 09.0.05
A vulnerability exists in Hirschmann HiLCOS Classic Platform switches, specifically in the Classic L2E, L2P, L3E, and L3P versions prior to 09.0.06, as well as in Classic L2B switches prior to 05.3.07. The switches synchronize user passwords with SNMPv1/v2 community strings, so when the feature is active the passwords are transmitted in plaintext. Attackers with local network access can intercept SNMP traffic or extract configuration data to retrieve these plaintext credentials, potentially leading to unauthorized administrative access on the switches.
Exploitation of this vulnerability allows an attacker on the local network to recover switch administrator passwords from SNMP community strings, which are transmitted unencrypted over the network. This access can be used to gain full administrative rights on the affected switch.
Users are advised to update to Hirschmann HiLCOS Classic Platform versions 09.0.06 or higher for L2E, L2P, L3E, and L3P switches, and to version 05.3.07 or higher for Classic L2B switches. After updating, the SNMP password synchronization feature should be disabled, SNMPv1/v2 communities should be reset to default values, SNMPv1/v2 should be disabled globally, and the read and read/write passwords should be changed.
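One way to confirm that SNMPv1/v2 is really off after the remediation steps above is to classify captured SNMP payloads by protocol version and list any source still sending a cleartext community. This is an added example, not vendor code: the function names are hypothetical, the payloads are assumed to come from UDP 161/162 traffic captured with a tool of your choice, and the sample packets and addresses are constructed.

```python
# Added example: flag sources that still speak SNMPv1/v2c (cleartext community).
SNMP_VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}

def _read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for one BER TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length

def classify_snmp(payload):
    """Report the SNMP version and whether a community field is present."""
    tag, body, _ = _read_tlv(payload, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    tag, ver, pos = _read_tlv(body, 0)
    if tag != 0x02 or not ver:
        raise ValueError("missing version INTEGER")
    version = SNMP_VERSIONS.get(int.from_bytes(ver, "big"), "unknown")
    cleartext = False
    if version in ("v1", "v2c"):
        tag, _community, _ = _read_tlv(body, pos)  # value is never logged
        cleartext = tag == 0x04  # OCTET STRING holding the community
    return {"version": version, "cleartext_community": cleartext}

def audit(packets):
    """packets: iterable of (src_ip, udp_payload). Return v1/v2c sources."""
    offenders = set()
    for src, payload in packets:
        try:
            if classify_snmp(payload)["cleartext_community"]:
                offenders.add(src)
        except ValueError:
            continue  # not SNMP or malformed: ignore
    return sorted(offenders)

# Constructed sample payloads (v2c GetRequest with a placeholder community, v3 stub).
V2C = bytes.fromhex("301802010104067075626c6963a00b0201010201000201003000")
V3 = bytes.fromhex("30050201033000")
SAMPLE = [("192.0.2.10", V2C), ("192.0.2.20", V3), ("192.0.2.30", b"\x00")]
```

An empty result from `audit` over a capture taken after the change indicates no device on that segment is still sending community strings in the clear.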