Primary

Context

Hirschmann HiOS Switch Platform Denial-of-Service Vulnerability via Malicious HTTP GET Request

Vulnerability

Patched

A denial-of-service vulnerability has been identified in the Hirschmann HiOS Switch Platform, affecting versions since 09.1.00. The issue arises in the web interface, where remote attackers can disrupt service by sending crafted HTTP GET requests to a specific endpoint. This exploitation triggers an uncontrolled reboot of the device, causing temporary unavailability and disruption of switch services.

Impact

Exploitation of this vulnerability leads to an uncontrolled reboot of the affected device, causing service disruption and unavailability of the switch.

Remediation

Users are advised to update to version 09.4.05, 10.3.01 or higher.

Added: Apr 2, 2026, 9:51 PM

Updated: Apr 2, 2026, 9:51 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.8

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.8

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hirschmann HiOS Switch Platform Denial-of-Service Vulnerability via Malicious HTTP GET Request

Vulnerability

Impact

Remediation

Affected Products

Hirschmann HiOS Switch Platform

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating