← voltar
CVE-2021-4477

Hirschmann HiLCOS OpenBAT BAT450 IPv6 IPsec Firewall Bypass

CVSS 9.3 CRITICALEPSS 0.3%CWE-284
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
03 abr 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec deployments that allows traffic from VPN connections to bypass configured firewall rules. Attackers can exploit this vulnerability by establishing IPv6 IPsec connections (IKEv1 or IKEv2) while simultaneously using an IPv6 Internet connection to circumvent firewall policy enforcement.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Produtos afetados
Belden · Hirschmann HiLCOS OpenBAT

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://assets.belden.com/m/5fd1a50fa50cb252/original/Belden-Security-Bulletin-BSECV-1v0-2019-09.pdfhttps://www.vulncheck.com/advisories/hirschmann-hilcos-openbat-bat450-ipv6-ipsec-firewall-bypass