What is CVE-2025-15620?

CVE-2025-15620 is a high-severity vulnerability in Belden Hios_switch, classified under Missing Authentication for Critical Function. CVSS score: 8.6/10. Published 2026-04-02.

How severe is CVE-2025-15620?

High severity. CVSS v3 base score is 8.6 out of 10.

Auth bypass in Belden Hios_switch

CVE-2025-15620

HiOS Switch Platform versions 09.1.00 through 09.4.04 and 10.0.00 through 10.3.00 contain a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET req…

Vulnerability class: Broken Authentication

EPSS: 0.000 (1.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Belden Hios_switch
Belden Hirschmann Hios Switch Platform — versions 09.1.00, 10.0.00

Weakness classification (CWE)

CWE-306 — Missing Authentication for Critical Function

References

disclosure@vulncheck.com (vendor-advisory, Vendor Advisory)
disclosure@vulncheck.com (Third Party Advisory, third-party-advisory)

Frequently asked questions

What is CVE-2025-15620?: CVE-2025-15620 is a high-severity vulnerability in Belden Hios_switch, classified under Missing Authentication for Critical Function. CVSS score: 8.6/10. Published 2026-04-02.
How severe is CVE-2025-15620?: High severity. CVSS v3 base score is 8.6 out of 10.