What is CVE-2015-10148?

CVE-2015-10148 is a high-severity vulnerability in Belden Hirschmann Hilcos, classified under Use of Hard-coded Cryptographic Key. CVSS score: 7.5/10. Published 2026-04-03.

How severe is CVE-2015-10148?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Belden Hirschmann Hilcos

CVE-2015-10148

Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed, allowing unauthenticated remote attackers to decrypt or intercept enc…

EPSS: 0.000 (0.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.

Affected products

Belden Hirschmann Hilcos — versions >= 9.10, 0, 9.10

Weakness classification (CWE)

CWE-321 — Use of Hard-coded Cryptographic Key

References

assets.belden.com/m/76d31798e65c9f47/original/Security-Bulletin-SSH-SSL-Default… (vendor-advisory)
www.vulncheck.com/advisories/hirschmann-hilcos-hard-coded-credentials-ssh-ssl-k… (third-party-advisory)

Frequently asked questions

What is CVE-2015-10148?: CVE-2015-10148 is a high-severity vulnerability in Belden Hirschmann Hilcos, classified under Use of Hard-coded Cryptographic Key. CVSS score: 7.5/10. Published 2026-04-03.
How severe is CVE-2015-10148?: High severity. CVSS v3 base score is 7.5 out of 10.