Hirschmann HiSecOS Buffer Overflow Vulnerability in HTTPS Login with RADIUS Authentication

Vulnerability

A buffer overflow vulnerability has been identified in Hirschmann HiSecOS devices running versions prior to 05.3.03. The vulnerability occurs in the HTTPS login interface when RADIUS authentication is enabled. Remote attackers can exploit this issue by submitting a password longer than 128 characters, leading to a device crash or the execution of arbitrary code. The vulnerability arises from improper bounds checking in password handling, allowing attackers to overflow a fixed-size buffer and cause a denial-of-service condition or execute malicious code.
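The defect class the advisory describes is a fixed-size password buffer filled without a length check. The following is an added illustration, not code from the advisory or from Hirschmann: it places that vulnerable pattern next to the bounds-checked form a fix takes, which measures the input with a cap, rejects anything over the limit with a clean error, and copies with an explicit bound. The 128-character limit comes from the advisory; the buffer sizes, function names and handler layout are assumptions. (128 octets is also the maximum payload of a RADIUS User-Password attribute per RFC 2865 section 5.2, which is why a limit of that size is a natural choice.)

```c
#include <stdio.h>
#include <string.h>

/* Added illustration, not HiSecOS code. The advisory states a 128-character
 * limit; PASSWORD_MAX and the handler structure below are assumptions built
 * around that number. */
#define PASSWORD_MAX 128

/* The vulnerable pattern: a fixed-size buffer filled by an unbounded copy.
 * Any input longer than the buffer overruns adjacent memory, which is
 * undefined behaviour: at best a crash, at worst attacker-controlled
 * execution. Shown only as the "before" form; it is never called here. */
void copy_password_unbounded(char dst[PASSWORD_MAX], const char *src)
{
    strcpy(dst, src);  /* no length check: the defect the advisory describes */
}

/* The hardened form: find the terminator within a capped window, reject
 * over-length input rather than silently truncating it, then copy with an
 * explicit bound and always terminate. Returns 0 on success, -1 on rejection. */
int prepare_radius_password(const char *input, char *out, size_t out_size)
{
    if (input == NULL || out == NULL || out_size < PASSWORD_MAX + 1)
        return -1;

    /* memchr stops at PASSWORD_MAX + 1 bytes, so an over-length input is
     * detected without scanning all of it. */
    const char *nul = memchr(input, '\0', PASSWORD_MAX + 1);
    if (nul == NULL) {
        /* Worth logging: repeated over-length passwords against a
         * RADIUS-backed login are a signal a defender wants to see. */
        return -1;
    }
    size_t len = (size_t)(nul - input);

    memcpy(out, input, len);
    out[len] = '\0';
    return 0;
}

/* Demonstration helper: submit a constructed password of n 'a' characters
 * and report 1 if the hardened handler accepts and stores it intact,
 * 0 if it rejects it. */
int accepts_password_of_length(size_t n)
{
    char input[PASSWORD_MAX + 64];   /* constructed sample input */
    char stored[PASSWORD_MAX + 1];   /* destination sized for the limit */

    if (n >= sizeof input)
        return 0;  /* keep the constructed input itself in bounds */
    memset(input, 'a', n);
    input[n] = '\0';

    if (prepare_radius_password(input, stored, sizeof stored) != 0)
        return 0;
    return strlen(stored) == n;
}

int main(void)
{
    printf("128-char password accepted: %d\n", accepts_password_of_length(128));
    printf("129-char password accepted: %d\n", accepts_password_of_length(129));
    printf("160-char password accepted: %d\n", accepts_password_of_length(160));
    return 0;
}
```

The design point is that the check happens before any copy and rejects rather than truncates: a silently shortened password would authenticate a different secret than the one the user typed, while a rejection gives the login code a single, loggable failure path for inputs that exceed what the protocol can carry.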

Impact

Exploitation of this vulnerability can cause the device to crash or reboot. Additionally, if the request is modified appropriately, it can lead to the execution of arbitrary code on the device.

Remediation

Users are advised to update to Hirschmann HiSecOS version 05.3.03 or later. If an immediate update is not possible, RADIUS authentication can be disabled, or web server access can be restricted to known IP addresses and networks.

Added: Apr 3, 2026, 10:19 PM
Updated: Apr 3, 2026, 10:19 PM

Vulnerability Rating

Custom Algorithm
spread          0.3
impact          7.5
exploitability  7.2
remediation     8.3
relevance       5.2
threat          0.0
urgency         2.9
incentive       8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.