Description
HiSecOS web server versions 05.0.00 to 08.3.01 prior to 08.3.02 contain a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
Published: 2026-04-02
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege escalation to administrator privileges
Action: Immediate Patch
AI Analysis

Impact

The vulnerability resides in the HiSecOS web server used in Belden Hirschmann Industrial HiVision devices. Versions 05.0.00 through 08.3.01 allow an authenticated user with either operator or auditor permissions to send specially crafted packets that cause the server to upgrade the user's role to administrator. This elevation gives full control over the device and permits any action an administrator can perform, potentially including configuration changes, firmware updates, and other privileged operations. The weakness is classified as CWE-269 (Improper Privilege Management).

Affected Systems

Affected devices are Belden Hirschmann Industrial HiVision products running the HiSecOS operating system. The flaw affects HiSecOS web server releases from 05.0.00 up to and including 08.3.01. Users running any of those firmware versions should check the vendor advisory for an update. No other products or versions are mentioned.

Risk and Exploitability

The CVSS score is 8.5, indicating high severity. No EPSS score is available, and the vulnerability is not yet listed in CISA's KEV catalog. Exploitation requires an attacker to be authenticated as a user with the operator or auditor role and to have network access that can reach the web server. Once the crafted packets are sent, the privilege level is raised, after which the attacker can perform any administrative function. Because the flaw is limited to authenticated users, some initial access to the device is needed, but once that is obtained, the risk of full administrative takeover is significant.

Generated by OpenCVE AI on April 3, 2026 at 01:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor‑issued patch that updates HiSecOS to version 08.3.02 or later.
  • Verify that the device firmware is at or above the patched version before allowing access.
  • Limit network exposure of the web server by placing it behind a firewall or restricting access to trusted IP ranges.
  • Grant operator and auditor roles only to trusted users, revoke accounts that no longer need them, and review role assignments.
  • Monitor the system for anomalous packet activity or unexpected role changes.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 22:45:00 +0000

  Type: References
  Type: Metrics (cvssV4_0)
    Values Removed: {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}
    Values Added:   {'score': 7.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Fri, 03 Apr 2026 10:15:00 +0000

  Type: First Time appeared
    Values Added: Belden; Belden hirschmann Industrial Hivision
  Type: Vendors & Products
    Values Added: Belden; Belden hirschmann Industrial Hivision

Thu, 02 Apr 2026 23:00:00 +0000

  Type: Description
    Values Removed: HiSecOS web server contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
    Values Added:   HiSecOS web server versions 05.0.00 to 08.3.01 prior to 08.3.02 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
  Type: Metrics (cvssV4_0)
    Values Removed: {'score': 7.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}
    Values Added:   {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Thu, 02 Apr 2026 21:45:00 +0000

  Type: Metrics (ssvc)
    Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 02 Apr 2026 20:30:00 +0000

  Type: Description
    Values Added: HiSecOS web server contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
  Type: Title
    Values Added: Belden Industrial HiVision Arbitrary Code Execution via Malicious Project File
  Type: Weaknesses
    Values Added: CWE-269
  Type: References
  Type: Metrics (cvssV3_1)
    Values Added: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}
  Type: Metrics (cvssV4_0)
    Values Added: {'score': 7.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Belden Hirschmann Industrial Hivision
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-03T22:30:23.855Z

Reserved: 2026-04-01T21:30:55.311Z

Link: CVE-2023-7343

Vulnrichment

Updated: 2026-04-02T20:19:26.967Z

NVD

Status: Awaiting Analysis

Published: 2026-04-02T20:16:19.747

Modified: 2026-04-03T23:17:01.433

Link: CVE-2023-7343

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T09:16:17Z

Weaknesses