PatchSiren cyber security CVE debrief
CVE-2017-5163 Belden Hirschmann CVE debrief
CVE-2017-5163 is a path traversal weakness in Belden Hirschmann GECKO Lite Managed switch firmware. After an administrator downloads a configuration file, the device saves a copy in a location that can be reached without authentication. Because the saved copy contains password hashes, an attacker who can access the path may gain sensitive credential material. NVD lists affected firmware as version 2.0.00 and earlier, and classifies the issue as CWE-22.
- Vendor
- Belden Hirschmann
- Product
- CVE-2017-5163
- CVSS
- MEDIUM 5.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-02-13
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-02-13
- Advisory updated
- 2026-05-13
Who should care
OT/ICS operators, network administrators, and security teams responsible for Belden Hirschmann GECKO Lite Managed switches running firmware 2.0.00 or earlier. It is especially relevant where management interfaces are reachable from untrusted networks or where switch configuration files may contain reusable credential material.
Technical summary
The issue is documented as a path traversal problem (CWE-22). The NVD record says that after an administrator downloads a configuration file, a copy is written to a location accessible without authentication by path traversal. That copy includes hashes of user passwords, creating a confidentiality exposure. NVD’s CVSS v3.0 vector is AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating remote reachability, no privileges required, and high confidentiality impact.
Defensive priority
Medium. The vulnerability can expose password hashes from configuration files, which is serious in an industrial network, but the supplied CVSS indicates high attack complexity and no direct integrity or availability impact.
Recommended defensive actions
- Review the ICS-CERT advisory referenced by NVD for vendor guidance and patch information.
- Update affected Belden Hirschmann GECKO Lite Managed switch firmware to a version newer than 2.0.00 if a fixed release is available.
- Restrict access to switch management interfaces and ensure they are not exposed to untrusted networks.
- Search for and remove any exposed configuration-file copies on affected devices or related storage locations.
- Rotate credentials and assess whether any password hashes from configuration files may have been exposed.
- Audit administrative workflows that download configuration files and verify that sensitive artifacts are not left in reachable locations.
Evidence notes
The debrief is based on the supplied NVD record and its cited ICS-CERT references. The NVD entry names the affected product as Belden Hirschmann GECKO Lite Managed switch firmware, specifies versions 2.0.00 and earlier, identifies CWE-22, and provides the CVSS v3.0 vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N. The supplied corpus does not state a fixed firmware version, so remediation language is limited to consulting the referenced advisory and updating to a vendor-provided patched release if available.
Official resources
-
CVE-2017-5163 CVE record
CVE.org
-
CVE-2017-5163 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
-
Mitigation or vendor reference
[email protected] - Patch, Third Party Advisory, US Government Resource
CVE published 2017-02-13T21:59:02.877Z. NVD modified record timestamp in the supplied corpus: 2026-05-13T00:24:29.033Z.