A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms
Description
Kentico Xperience uses hash values to protect URLs against tampering. A cryptographic weakness in the existing hashing mechanism could allow an attacker to manipulate or forge those URL hash values, undermining the integrity check the hashes are meant to provide.
Remediation
Apply the vendor's security updates as soon as possible. Until the update is deployed, monitor for exploitation attempts and review web access logs for requests carrying unexpected or repeatedly varying URL hash parameters.
---METADATA---
VENDOR: Hirschmann
PRODUCT: HiLCOS OpenBAT and BAT450
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A firewall bypass in Hirschmann HiLCOS OpenBAT and BAT450 products allows IPv6 IPsec VPN traffic to circumvent configured security rules.
Executive Summary:
Hirschmann HiLCOS wireless devices (OpenBAT and BAT450) are vulnerable to a critical firewall bypass: traffic arriving over IPv6 IPsec VPN tunnels is not subjected to the configured security policy and can reach protected network segments unfiltered.
Vulnerability Details
CVE-ID: CVE-2021-4477
Affected Software: Hirschmann HiLCOS OpenBAT and BAT450
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: When the device terminates an IPv6 IPsec VPN (IKEv1 or IKEv2) over an IPv6 internet connection, it fails to apply its firewall rules to traffic arriving through the tunnel. Decrypted VPN traffic is therefore forwarded without policy enforcement.
Business Impact
This flaw allows any traffic that arrives through an IPv6 IPsec tunnel to enter protected network segments without being filtered, potentially leading to data breaches or unauthorized access to internal resources. The CVSS score of 9.1 reflects the critical failure of a core security component (the firewall).
Remediation Plan
Immediate Action: Apply the latest HiLCOS firmware updates to all affected OpenBAT and BAT450 devices to restore proper firewall enforcement for IPv6 traffic.
Proactive Monitoring: Audit flow, connection or accounting logs on the affected devices for IPv6 traffic that entered through an IPsec tunnel and reached destinations or ports the firewall policy should have blocked.
Compensating Controls: If patching is delayed, disable IPv6 or IPsec functionality where it is not critical to operations, or place a secondary firewall behind the Hirschmann devices so that tunnelled traffic is filtered by a device that is not affected.
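As an added example (not vendor tooling and not part of the original advisory), the following Python script shows the kind of audit the monitoring step describes: it replays records of flows the device actually forwarded against the firewall policy the operator intended to enforce, and flags flows that arrived through the IPsec tunnel but that the policy would have denied. The log format, the policy syntax, the addresses and the `ingress` column are all constructed for illustration and are not HiLCOS formats; adapt `parse_flow()` to whatever export your devices produce.

```python
"""Replay forwarded IPv6 flow records against the intended firewall policy.

Added example, not HiLCOS tooling. The log format and the policy syntax are
constructed for illustration; adapt parse_flow() to the export your devices
actually produce (for example syslog accounting lines or NetFlow/IPFIX records).
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: ipaddress.IPv6Network
    dst: ipaddress.IPv6Network
    proto: str                       # "tcp", "udp" or "any"
    dport: Optional[int]             # None matches any destination port

    def matches(self, flow: dict) -> bool:
        return (flow["src"] in self.src
                and flow["dst"] in self.dst
                and self.proto in ("any", flow["proto"])
                and self.dport in (None, flow["dport"]))


def rule(action, src, dst, proto="any", dport=None) -> Rule:
    return Rule(action, ipaddress.IPv6Network(src),
                ipaddress.IPv6Network(dst), proto, dport)


# The policy the operator believes is enforced (constructed): remote VPN
# clients may only reach the HTTPS service on one host; everything else is denied.
INTENDED_POLICY = [
    rule("allow", "2001:db8:1::/64", "2001:db8:100::25/128", "tcp", 443),
    rule("deny", "::/0", "::/0"),
]

# Constructed records of flows the device actually forwarded.
# Columns: timestamp src dst proto dport ingress
FORWARDED_FLOWS = """\
2021-06-01T10:00:01Z 2001:db8:1::10 2001:db8:100::25 tcp 443 ipsec
2021-06-01T10:00:02Z 2001:db8:1::10 2001:db8:100::30 tcp 22 ipsec
2021-06-01T10:00:03Z 2001:db8:1::11 2001:db8:100::40 tcp 502 ipsec
2021-06-01T10:00:04Z 2001:db8:1::10 2001:db8:100::25 tcp 443 wan
"""


def parse_flow(line: str) -> dict:
    """Parse one constructed flow record into typed fields."""
    ts, src, dst, proto, dport, ingress = line.split()
    return {"ts": ts,
            "src": ipaddress.IPv6Address(src),
            "dst": ipaddress.IPv6Address(dst),
            "proto": proto.lower(),
            "dport": int(dport),
            "ingress": ingress}


def decide(policy, flow) -> str:
    """First matching rule wins; an empty policy defaults to deny."""
    for r in policy:
        if r.matches(flow):
            return r.action
    return "deny"


def find_bypasses(policy, log_text, tunnel_ingress="ipsec"):
    """Return forwarded flows that entered via the VPN tunnel and that the
    intended policy would have denied: evidence that filtering was skipped."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        flow = parse_flow(line)
        if flow["ingress"] == tunnel_ingress and decide(policy, flow) == "deny":
            hits.append(flow)
    return hits


if __name__ == "__main__":
    for f in find_bypasses(INTENDED_POLICY, FORWARDED_FLOWS):
        print(f"BYPASS {f['ts']} {f['src']} -> [{f['dst']}]:{f['dport']}/{f['proto']} "
              f"via {f['ingress']}")
```

With the constructed data, the HTTPS flow through the tunnel is allowed by the policy and is not reported, while the SSH (22) and Modbus/TCP (502) flows through the tunnel are flagged because the intended policy denies them; any such hit on a real device means the firewall did not see, or did not filter, the decrypted tunnel traffic. Flows from the plain WAN side are left alone here, since the advisory's defect concerns tunnel traffic only.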
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Apr 3, 2026, there is no public information indicating active exploitation. This vulnerability specifically affects IPv6 environments, which are becoming increasingly common in industrial IoT.
Analyst Recommendation
A firewall that can be bypassed is a significant security failure. Organizations relying on HiLCOS devices for secure remote access via IPv6 must update their firmware immediately to ensure their security policies remain effective.