HiLCOS 10.12.7798- Release Update 13

For full details and download: https://hirschmann-support.belden.com/file/HiLCOS-10.12.7798-RU13

Hirschmann is proud to announce the release of HiLCOS 10.34 Release Update 13.

General

·         UK: Band 3 (U-NII 3, Ofcom Band C*) was modified to allow indoor-only operation on

channels 149 to 165 with DFS. DFS is not required though and will be disabled in an

upcoming release.

·         Beacon timeout behaviour: Deauthentication and deassociation packets are now sent

from the wireless client to the access point in case the client experiences a beacon

timeout. This prevents the access point from misinterpreting a client's authentication and

association request, sent shortly after a beacon timeout, as a spoofing attack.

Bugfixes

·         Fixed scan table update mechanism. The update mechanism is now based on the

timestamp/age of the entries in the scan table, which means oldest entries will be

overwritten with newer ones in case of a full table. This prevents a wireless client from

loosing connection to the currently connected access point in large networks where the

client roams between more than 256 access points.

·         Web interface: Fixed a security vulnerability in the web interface of HiLCOS through which an

attacker could have caused a heap overflow.

·         SSH: Fixed SSH terrapin vulnerability issue (CVE-2023-48795)

·         OpenSSL: Fixed multiple vulnerabilities by upgrading to Openssl 1.0.2zi (CVE-2023-0286,

CVE-2022-4304, CVE-2023-0215, CVE-2022-4450).