Hirschmann HiLCOS OpenBAT and BAT450 IPv6 IPsec Firewall Bypass Vulnerability
Vulnerability
A firewall bypass vulnerability has been identified in Hirschmann HiLCOS OpenBAT and BAT450 products, affecting versions from 8.80-REL up to, but not including, 10.12-RU2. The flaw occurs in IPv6 IPsec deployments: when an IPv6 IPsec connection (IKEv1 or IKEv2) is established over an IPv6 Internet connection, traffic arriving through the VPN is not subjected to the configured firewall rules, so firewall policy enforcement is bypassed.
Impact
Exploitation of this vulnerability allows VPN traffic to bypass firewall rules, potentially exposing devices or networks to unwanted and harmful traffic.
Remediation
Users are advised to update to version 10.12-RU2 or later.
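The following is an added example, not part of the advisory, that helps an operator triage an inventory of HiLCOS devices against the affected range stated above. It assumes HiLCOS version strings look like "8.80-REL" or "10.12-RU2" and that, within one base release, the REL build precedes its RU1, RU2, ... release updates; both the ordering and the sample inventory are assumptions made for this example.

```python
import re
from typing import Tuple

# Affected range as stated in the advisory: 8.80-REL up to, but not including, 10.12-RU2.
FIRST_AFFECTED = "8.80-REL"
FIXED_IN = "10.12-RU2"

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)-(REL|RU(\d+))$")


def parse_hilcos_version(version: str) -> Tuple[int, int, int]:
    """Turn a HiLCOS version string such as '10.12-RU2' into a sortable tuple.

    Assumption (not stated in the advisory): within one base release the
    initial 'REL' build comes before its release updates 'RU1', 'RU2', ...,
    so REL is ranked 0 and RUn is ranked n.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised HiLCOS version string: {version!r}")
    major, minor = int(m.group(1)), int(m.group(2))
    update = 0 if m.group(3) == "REL" else int(m.group(4))
    return (major, minor, update)


def is_affected(version: str) -> bool:
    """True if the firmware version lies inside the advisory's vulnerable range."""
    v = parse_hilcos_version(version)
    return parse_hilcos_version(FIRST_AFFECTED) <= v < parse_hilcos_version(FIXED_IN)


def is_exposed(version: str, ipv6_ipsec_over_ipv6_wan: bool) -> bool:
    """The bypass only matters where IPv6 IPsec (IKEv1/IKEv2) runs over an IPv6
    Internet connection, so exposure needs both the vulnerable version and that setup."""
    return is_affected(version) and ipv6_ipsec_over_ipv6_wan


if __name__ == "__main__":
    # Constructed sample inventory: (device name, reported firmware, IPv6 IPsec over IPv6 WAN?)
    inventory = [
        ("bat450-site-a", "10.12-RU1", True),
        ("openbat-core", "10.12-RU2", True),
        ("bat450-lab", "8.70-REL", True),
        ("openbat-branch", "9.50-RU3", False),
    ]
    for name, ver, v6_vpn in inventory:
        status = "EXPOSED, update to 10.12-RU2 or later" if is_exposed(ver, v6_vpn) else "not exposed"
        print(f"{name}: {ver} -> {status}")
```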
