Description
HiSecOS web server versions 05.0.00 to 08.3.01 (prior to 08.3.02) contain a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
Published: 2026-04-02
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation to Administrator
Action: Immediate Patch
AI Analysis

Impact

A flaw in the HiSecOS web server allows authenticated users assigned the operator or auditor role to elevate their privileges to administrator by sending specially crafted packets to the web server. Once privileges are escalated, an attacker gains full administrative control over the affected device. Note that the CVE description names only the HiSecOS web server, while this record's product tagging and recorded title refer to Belden Industrial HiVision; confirm which product is affected against the vendor bulletin before acting on either name.

Affected Systems

Vulnerable HiSecOS web server versions range from 05.0.00 to 08.3.01 inclusive (5.0.0 to 8.3.1 without the zero padding used in the CVE description). The issue is resolved in 08.3.02 and later, which removes the privilege escalation path. Devices running earlier versions should be inventoried and updated accordingly.
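A small version-range check for inventory triage, added here as an example rather than code from OpenCVE or Belden. It assumes the zero-padded "MM.m.pp" version format used in the CVE description (for example "08.3.01") and also accepts the unpadded form; the device names and versions in the sample inventory are constructed.

```python
"""Check HiSecOS version strings against the affected range for this CVE.

Added example, not from OpenCVE or Belden. It assumes the zero-padded
"MM.m.pp" format used in the CVE description (e.g. "08.3.01"); the inventory
below is constructed sample data.
"""
import re
from typing import Dict, List, Tuple

# Boundaries taken from the CVE description: 05.0.00 <= affected <= 08.3.01,
# first fixed version 08.3.02.
FIRST_AFFECTED = (5, 0, 0)
FIRST_FIXED = (8, 3, 2)

_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)\s*$")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse '08.3.01' or '8.3.1' into (8, 3, 1); zero padding is ignored."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised HiSecOS version string: {text!r}")
    major, minor, patch = (int(part) for part in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the version lies in the half-open range [05.0.00, 08.3.02)."""
    return FIRST_AFFECTED <= parse_version(version) < FIRST_FIXED


def triage(inventory: Dict[str, str]) -> Tuple[List[str], List[str], List[str]]:
    """Split a {device: version} mapping into (affected, not_affected, unknown).

    Unparseable versions are reported separately so they are never silently
    treated as safe.
    """
    affected, clean, unknown = [], [], []
    for device, version in inventory.items():
        try:
            (affected if is_affected(version) else clean).append(device)
        except ValueError:
            unknown.append(device)
    return sorted(affected), sorted(clean), sorted(unknown)


# Constructed sample inventory (device names and versions are made up).
SAMPLE_INVENTORY = {
    "fw-plant-01": "08.3.01",   # last affected version
    "fw-plant-02": "08.3.02",   # first fixed version
    "fw-plant-03": "05.0.00",   # first affected version
    "fw-plant-04": "04.9.99",   # below the affected range
    "fw-plant-05": "8.3.1",     # unpadded form of 08.3.01
    "fw-plant-06": "unknown",   # cannot be classified automatically
}

if __name__ == "__main__":
    affected, clean, unknown = triage(SAMPLE_INVENTORY)
    print("affected:", affected)
    print("not affected:", clean)
    print("needs manual check:", unknown)
```

The comparison is on integer tuples, so "8.3.1" and "08.3.01" classify identically, and the half-open upper bound makes 08.3.02 itself count as fixed.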

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, while the EPSS score below 1% and the absence of this CVE from the KEV catalog indicate that no exploitation has been observed. Exploitation requires an account with the operator or auditor role plus the ability to send crafted packets to the web server; the description does not name the channel, but a web server is reached over its HTTP/HTTPS management interface, so treat the flaw as reachable from any network that can reach that interface. Note also that the CVSS v3.1 and v4.0 vectors recorded for this CVE (AV:L, PR:N, UI:R/UI:P) describe a local, unauthenticated issue that needs user interaction, which does not match the description of a remote, authenticated privilege escalation with no user interaction; the title recorded in the history ("Arbitrary Code Execution via Malicious Project File") fits those vectors better than the description does. Until the record is corrected, do not rely on the 7.8 score for prioritisation. Because valid credentials are a precondition, the likelihood is moderate, but a successful exploit yields administrator control of the device.

Generated by OpenCVE AI on April 4, 2026 at 02:53 UTC.

Remediation

The CVE description identifies HiSecOS 08.3.02 as the first fixed version. No vendor advisory link or documented workaround is attached to this record.

OpenCVE Recommended Actions

  • Update the HiSecOS firmware to version 8.3.2 or later to fix the privilege escalation vulnerability.
  • If an upgrade cannot be performed immediately, review the operator and auditor accounts on the device, remove those that are not required, and reduce the remaining ones to the smallest set of trusted users.
  • Restrict access to the device's web management interface (HTTP/HTTPS) to a management network or jump host until the patch is applied; the description does not identify the crafted packets, so treat the whole web server as the exposed surface rather than a single port.
  • Enforce strong authentication for the web interface to reduce the risk of credential compromise, ensuring that operator and auditor accounts use secure passwords or two‑factor authentication.
  • Regularly review Belden security bulletins and apply any additional vendor‑recommended safeguards.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 22:45:00 +0000

References
  (values not shown)
Metrics cvssV4_0
  Removed: {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}
  Added:   {'score': 7.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Fri, 03 Apr 2026 10:15:00 +0000

First Time appeared
  Added: Belden; Belden hirschmann Industrial Hivision
Vendors & Products
  Added: Belden; Belden hirschmann Industrial Hivision

Thu, 02 Apr 2026 23:00:00 +0000

Description
  Removed: HiSecOS web server contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
  Added:   HiSecOS web server versions 05.0.00 to 08.3.01 prior to 08.3.02 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
Metrics cvssV4_0
  Removed: {'score': 7.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}
  Added:   {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Thu, 02 Apr 2026 21:45:00 +0000

Metrics ssvc
  Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 02 Apr 2026 20:30:00 +0000

Description
  Added: HiSecOS web server contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
Title
  Added: Belden Industrial HiVision Arbitrary Code Execution via Malicious Project File
Weaknesses
  Added: CWE-269
References
  (values not shown)
Metrics cvssV3_1
  Added: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}
Metrics cvssV4_0
  Added: {'score': 7.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-03T22:30:23.855Z

Reserved: 2026-04-01T21:30:55.311Z

Link: CVE-2023-7343

Vulnrichment

Updated: 2026-04-02T20:19:26.967Z

NVD

Status : Awaiting Analysis

Published: 2026-04-02T20:16:19.747

Modified: 2026-04-03T23:17:01.433

Link: CVE-2023-7343

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-07T07:55:24Z

Weaknesses