Security Assurance


Belden is committed to providing the most reliable, secure solutions to ensure peace-of-mind for our customers. We continually review our products for issues arising from global security attacks. Any security vulnerabilities will be communicated promptly and with complete transparency.

Receive Security Alerts

Subscribe to our mailing list to receive updates regarding new security bulletins.

Security Bulletins
Last Update: May 13th, 2024
IdentifierDocument TitleVersionLast UpdatedDocument Download
BSECV-2022-17Multiple BusyBox vulnerabilities in BAT-C2 and OWL1.005.13.2024Security Bulletin
BSECV-2024-02Web Server Authentication Bypass Vulnerability in HiEOS1.004.26.2024Security Bulletin
BSECV-2023-05Multiple OpenSSL vulnerabilities in Hirschmann products1.03.20.2024Security Bulletin
BSECV-2022-07Multiple expat vulnerabilities in Hirschmann HiOS/ HiSecOS, BAT-C2 & GECKO products. Bulletin
BSECV-2022-30Zlib has a heap-based buffer over-read or buffer overflow1.08.8.2023Security Bulletin
BSECV-2021-15Multiple NTP vulnerabilities in HiSecOS1.007.25.2023Security Bulletin
BSECV-2021-27DNS request vulnerability in Firewall Products1.007.25.2023Security Bulletin
BSECV-2022-16net-snmp vulnerability in Hirschmann HiSecOS1.007.25.2023Security Bulletin
BSECV-2023-10Java SE vulnerability in Belden/Hirschmann software products1.007.17.2023Security Bulletin
BSECV-2022-26Multiple libexpat vulnerabilities in HiOS, Classic, HiSecOS, Wireless BAT-C2, Lite Managed, Edge 1.0 04.25.2023Security Bulletin
BSECV-2022-29strongSwan: integer overflow when replacing certificates in cache 1.0 04.24.2023Security Bulletin
BSECV-2023-06Industrial HiVision: Opening of IHP project files may lead to automatic execution of arbitrary scripts or binaries 1.0 04.07.2023Security Bulletin
BSECV-2021-07HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation 1.0 01.30.2023Security Bulletin
BSECV-2022-18Multiple vulnerabilities in BAT-C2 1.0 11.23.2022Security Bulletin
BSECV-2022-21Authenticated Command Injection in Hirschmann BAT-C2 1.0 11.23.2022Security Bulletin
BSECV-2022-20TinyXML vulnerability in Hirschmann HiLCOS products1.011.23.2022Security Bulletin
BSECV-2022-12Multiple Java SE vulnerabilities in Belden/Hirschmann software products 1.0 11.10.2022Security Bulletin
BSECV-2021-03Industrial HiVision: Configured external applications may result in execution of arbitrary binaries1.010.17.2022Security Bulletin
BSECV-2022-13 Denial of Service Vulnerability in EagleSDV 1.0 08.01.2022Security Bulletin
BSECV-2021-16 FragAttacks Hirschmann BAT 1.1 08.01.2022Security Bulletin
BSECV-2022-09 FragAttacks ProSoft RadioLinx RLX2 1.0 07.01.2022Security Bulletin
BSECV-2022-11 Multiple vulnerabilities in Provize Basic Frontend 1.0 05.03.2022Security Bulletin
BSECV-2022-05 Multiple vulnerabilities in Provize Basic Backend 1.0 05.03.2022Security Bulletin
BSECV-2022-01 Vulnerability in ‘axios’ HTTP client in Provize Basic 1.0 05.03.2022Security Bulletin
BSECV-2021-05 Multiple Vulnerabilities in Tofino Bulletin
BSECV-2020-03 Potential denial of service vulnerability in PROFINET Devices via DCE-RPC Packets Bulletin
BSECV-2020-10Password Change Authentication Bypass Vulnerability in HiOS & HiSecOS Bulletin
BSECV-2019-08Hirschmann RSP, RSPE, and OS2 series HSR denial of service vulnerability 1.0 01.28.2021Security Bulletin
BSECV-2021-02ICX35 Local Web Based Configuration Interface Password Set 1.0 01.15.2021Security Bulletin
BSECV-2019-09IPsec Firewall Bypass Vulnerability in WLAN (HiLCOS) Products 1.0 01.11.2021Security Bulletin
BSECV-2020-08 EtherNet/IP Vulnerability in 2012 release of (3) PLX31s 1.0 12.18.2020Security Bulletin
BSECV-2019-14 HiOS EtherNet/IP stack vulnerability 1.0 09.09.2020Security Bulletin
BSECV-2020-04Multiple dnsmasq Vulnerabilities in OWL 3G, LTE & LTE M12 1.0 06.15.2020Security Bulletin
BSECV-2020-02JAVA SE vulnerability in Industrial HiVision1.0 06.15.2020Security Bulletin
BSECV-2020-06pppd vulnerability in Hirschmann OWL Devices1.05.28.2020Security Bulletin
BSECV-2020-01Web Server Buffer Overflow in HiOS & HiSecOS products Bulletin
BSECV-2019-05Multiple IP vulnerabilities in Hirschmann HiOS and Classic Firewall and GarrettCom DX products (URGENT/11) 1.3 11.27.2019Security Bulletin
BSECV-2018-06Belden GarrettCom MNS 6K and 10K OpenSSL Vulnerabilities1.008.09.2019Security Bulletin
BSECV-2018-08Belden GarrettCom MNS 6K and 10K SNMP Vulnerability1.008.09.2019Security Bulletin
BSECV-2018-07Jackson vulnerability in Industrial HiVision1.006.06.2018Security Bulletin
BSECV-2017-11strongSwan vulnerability in HiSecOS1.006.06.2018Security Bulletin
BSECV-2017-16WPA2 Key Reinstallation Attack (KRACK) vulnerabilities in Hirschmann BAT devices 1.1 06.06.2018Security Bulletin
BSECV-2017-15Web Server Authentication Bypass Vulnerability in HiOS & HiSecOS1.005.25.2018Security Bulletin
BSECV-2018-02Weaknesses in Hirschmann Classic Platform Switches when using plaintext HTTP for remote management access1.103.09.2018
BSECV-2018-03Weaknesses in Hirschmann Classic Platform Switches in the user authentication module Bulletin
BSECV-2018-04RADIUS authentication vulnerability1.0 02.26.2018Security Bulletin
BSECV-2017-14;  CVE-2017-11400;  CVE-2017-11401;  CVE-2017-11402Potential Tofino Firmware Signing / Protocol Filtering Evasion / Firewall Bypass1.011.06.2017Security Bulletin
BSECV-2017-2Unauthenticated remote code execution vulnerability in Industrial HiVision1.0 08.18.2017Security Bulletin
BSECV-2017-12Vulnerability in the bundled Java Runtime Environment lets local users execute arbitrary code in Industrial HiVision, HiFusion and HiView1.008.11.2017Security Bulletin
BSECV-2017-10ICX35 User Interface Input Validation Issue  1.0 05.08.2017Security Bulletin
BSECV-2017-9ICX35 Authentication Vulnerability1.0 05.08.2017Security Bulletin
BSECV-2017-8Belden GarrettCom MNS 6K and 10K Device Access and Security Key Vulnerabilities1.0  05.08.2017Security Bulletin
BSECV-2017-3Potential false forward of IPv4 multicast/broadcast traffic by HiLCOS Layer-2 Firewall 1.0 05.08.2017Security Bulletin
BSECV-2017-7Possible Request Forgery Vulnerabilities for GECKO Devices Bulletin
BSECV-2017-1Restricted user roles may gain write access to devices managed by Industrial HiVision Bulletin
BSECV-2016-2Passwords Synchronization with SNMP v1/v2 communities Bulletin
BSECV-2016-5 Possible Information Disclosure for GECKO Devices1.0 12.19.2016Security Bulletin
BSECV-2016-4HiOS TCP Initial Sequence Number Predictability 1.0 06.06.2016Security Bulletin
BSECV-2016-1GECKO authentication bypass1.0 03.07.2016Security Bulletin
BSECV-2015-5Identical SSH and SSL default keys in HiLCOS Products1.012.11.2015Security Bulletin
BSECV-2015-4;CVE-2008-0960SNMPv3 Authentication Bypass 1.0 07.10.2015Security Bulletin