Cyber Posture

CVE-2016-15058

Severity: High · Public PoC

Published: 03 April 2026
Modified: 07 April 2026
CVSS Score: 8.1 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.0000 (0.0th percentile)
Risk Priority: 16 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2016-15058 is a high-severity Storing Passwords in a Recoverable Format (CWE-257) vulnerability. Its CVSS base score is 8.1 (High).

Operationally, its EPSS exploit likelihood ranks at the 0.0th percentile (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-8 (Transmission Confidentiality and Integrity).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent: Directly addresses the CVE by requiring timely remediation of the password synchronization flaw through vendor firmware upgrades to fixed versions.

prevent: Prevents attackers from sniffing plaintext credentials in SNMPv1/v2 traffic by enforcing cryptographic protection for transmission confidentiality and integrity.

prevent: Mitigates credential exposure by prohibiting transmission of authenticators such as synchronized passwords in plaintext without cryptographic protection.

NVD Description

Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are synchronized with SNMPv1/v2 community strings and transmitted in plaintext when the feature is enabled. Attackers with local network access can sniff SNMP traffic or extract configuration data to recover plaintext credentials and gain unauthorized administrative access to the switches.

Deeper analysis

CVE-2016-15058 is a credential exposure vulnerability (CWE-257) affecting Hirschmann HiLCOS Classic Platform switches, including Classic L2E, L2P, L3E, and L3P versions prior to 09.0.06, as well as Classic L2B prior to 05.3.07. The flaw occurs when the feature that synchronizes user passwords with SNMPv1/v2 community strings is enabled: the user password then becomes the community string, and SNMPv1/v2c carries the community string in plaintext in every request and response, so the password is exposed on the wire and in exported configuration data.

Attackers with adjacent network access can exploit this vulnerability without authentication or user interaction and with low attack complexity. By sniffing SNMP traffic or extracting configuration data, they can recover plaintext credentials and gain unauthorized administrative access to the switches, a high confidentiality and integrity impact with no availability impact, as reflected in its CVSS v3.1 base score of 8.1 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
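The sniffing path the analysis describes, as an added example (not code from the advisory, Belden, or Hirschmann): a minimal BER walker over raw SNMP UDP payloads that reports the protocol version and, for SNMPv1/v2c, the community string exactly as it sits on the wire. The sample payloads, the OID (sysName.0) and the community value Sw1tch!Admin are constructed here for illustration and are not real credentials; in a real audit the input would be the UDP payloads of port 161/162 traffic captured on the management network.

```python
# Added example (not from the advisory or the vendor): parse the header of
# raw SNMP UDP payloads to show why an SNMPv1/v2c community string that
# mirrors a user password is recoverable by anyone who can read the traffic.
# All sample payloads below are constructed; "Sw1tch!Admin" is made up.
from typing import Dict, List, Optional, Tuple

SNMP_VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}   # version INTEGER values


def _read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Decode one BER TLV at buf[pos]; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: 0x8N then N length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def _tlv(tag: int, value: bytes) -> bytes:
    """Encode a BER TLV (used only to build the constructed samples)."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + value


def parse_snmp_header(payload: bytes) -> Dict[str, Optional[str]]:
    """Return the version and, for v1/v2c, the cleartext community string."""
    tag, msg, _ = _read_tlv(payload, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message (outer SEQUENCE missing)")
    tag, ver, pos = _read_tlv(msg, 0)
    if tag != 0x02:
        raise ValueError("version INTEGER missing")
    version = int.from_bytes(ver, "big")
    name = SNMP_VERSIONS.get(version, f"unknown({version})")
    if version in (0, 1):                   # v1 / v2c: community follows version
        tag, community, _ = _read_tlv(msg, pos)
        if tag != 0x04:
            raise ValueError("community OCTET STRING missing")
        return {"version": name, "community": community.decode("latin-1")}
    # v3 carries msgGlobalData / security parameters instead of a community;
    # with authPriv the PDU is encrypted, so there is nothing to lift here.
    return {"version": name, "community": None}


def audit_payloads(payloads: List[bytes]) -> List[Tuple[str, str]]:
    """Collect (version, community) for every v1/v2c message in a capture."""
    found = []
    for p in payloads:
        try:
            hdr = parse_snmp_header(p)
        except ValueError:
            continue                        # not SNMP or truncated: skip it
        if hdr["community"] is not None:
            found.append((hdr["version"], hdr["community"]))
    return found


# --- constructed samples (not captured traffic) ---------------------------
SYSNAME_0 = b"\x2b\x06\x01\x02\x01\x01\x05\x00"   # OID 1.3.6.1.2.1.1.5.0


def build_community_get(community: str, version: int = 0) -> bytes:
    """GetRequest for sysName.0; version 0 = SNMPv1, 1 = SNMPv2c."""
    varbind = _tlv(0x30, _tlv(0x06, SYSNAME_0) + _tlv(0x05, b""))
    pdu = _tlv(0xA0, _tlv(0x02, b"\x01") + _tlv(0x02, b"\x00")
               + _tlv(0x02, b"\x00") + _tlv(0x30, varbind))
    return _tlv(0x30, _tlv(0x02, bytes([version]))
                + _tlv(0x04, community.encode()) + pdu)


def build_v3_stub() -> bytes:
    """Minimal SNMPv3 framing: version 3 then msgGlobalData; no community."""
    global_data = _tlv(0x30, _tlv(0x02, b"\x01") + _tlv(0x02, b"\x00\xff\xff")
                       + _tlv(0x04, b"\x07") + _tlv(0x02, b"\x03"))
    return _tlv(0x30, _tlv(0x02, b"\x03") + global_data
                + _tlv(0x04, b"") + _tlv(0x30, b""))


SAMPLE_CAPTURE = [build_community_get("Sw1tch!Admin"),   # v1, password-as-community
                  build_v3_stub(),                       # v3, nothing exposed
                  b"\x00garbage"]                        # non-SNMP noise

if __name__ == "__main__":
    for version, community in audit_payloads(SAMPLE_CAPTURE):
        print(f"SNMP{version} community in clear: {community!r}")
```

On an affected HiLCOS switch with the sync feature enabled, every community string this recovers from v1/v2c traffic is a user password, which is why the fix is the firmware upgrade plus disabling the sync feature rather than any filtering on the capture side. The parser only recognizes SNMPv3 framing; it does not attempt to interpret its security parameters.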

Vendor and advisory sources, including the Belden security bulletin (https://assets.belden.com/m/1d8273c6205dc400/original/Security-Bulletin-Password-Sync-SNMP-v1-v2-BSECV-2016-12.pdf), the CERT KB entry (https://www.kb.cert.org/vuls/id/507216), and the VulnCheck advisory (https://www.vulncheck.com/advisories/hirschmann-hilcos-classic-platform-password-exposure-via-snmp), recommend upgrading to Hirschmann HiLCOS Classic Platform version 09.0.06 or later for L2E, L2P, L3E, and L3P models, and 05.3.07 or later for L2B, and disabling the SNMPv1/v2 password sync feature where possible.

Details

CWE(s): CWE-257 (Storing Passwords in a Recoverable Format)

Affected Products: L3P (inferred from references and description; NVD did not file a CPE for this CVE)

CVEs Like This One

CVE-2026-20128 (shared CWE-257)

References

Belden security bulletin BSECV-2016-12: https://assets.belden.com/m/1d8273c6205dc400/original/Security-Bulletin-Password-Sync-SNMP-v1-v2-BSECV-2016-12.pdf
CERT KB entry 507216: https://www.kb.cert.org/vuls/id/507216
VulnCheck advisory: https://www.vulncheck.com/advisories/hirschmann-hilcos-classic-platform-password-exposure-via-snmp