Description
Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downgrades to TLS 1.0 or TLS 1.1, interrupting service availability.
Published: 2026-04-02
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a denial-of-service condition triggered during the TLS handshake in earlier firmware of Hirschmann EagleSDV devices. Faulty handling of protocol downgrades to TLS 1.0 or TLS 1.1 allows an unauthenticated attacker to crash the device while establishing a TLS session. The crash forces a reboot or renders the device inoperable until restored, disrupting network traffic that relies on the device. The weakness is classified as CWE-400.

Affected Systems

Firmware prior to version 05.4.02 of Belden Hirschmann EagleSDV devices is affected. The advisory does not list specific device identifiers, so all EagleSDV models running firmware before 05.4.02 are considered impacted.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, while the EPSS score below 1% suggests a low likelihood of exploitation in the wild at this time. The vulnerability is not listed in CISA KEV. Attackers need no authentication and can trigger the crash from any network location capable of initiating TLS connections to the device, exploiting the protocol downgrade to older TLS versions.

Generated by OpenCVE AI on May 26, 2026 at 02:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a firmware update to version 05.4.02 or later to fix the TLS handshake handling.
  • Disable support for TLS 1.0 and TLS 1.1 on the device to prevent downgrade attacks.
  • Limit network access to the device’s TLS service by restricting firewall rules or network segmentation to trusted IP ranges.
  • Monitor system logs for TLS handshake failures or crashes and reboot the device if necessary until a patch is applied.

Advisories

No advisories yet.

History

Tue, 26 May 2026 00:00:00 +0000

Description
  Removed: Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
  Added: Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downgrades to TLS 1.0 or TLS 1.1, interrupting service availability.

Tue, 12 May 2026 21:30:00 +0000

Metrics cvssV4_0
  Removed: {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}
  Added: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


Sat, 04 Apr 2026 00:00:00 +0000

References

Fri, 03 Apr 2026 22:45:00 +0000

References
Metrics cvssV4_0
  Removed: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}
  Added: {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


Fri, 03 Apr 2026 15:15:00 +0000

Metrics ssvc
  Added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 03 Apr 2026 10:15:00 +0000

First Time appeared
  Added: Belden; Belden hirschmann Eaglesdv
Vendors & Products
  Added: Belden; Belden hirschmann Eaglesdv

Thu, 02 Apr 2026 23:00:00 +0000

Description
  Removed: Hirschmann Industrial IT products contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
  Added: Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
Title
  Removed: Hirschmann Industrial IT HiLCOS Heap Overflow DoS
  Added: Hirschmann EagleSDV Denial of Service via TLS
Weaknesses
  Removed: CWE-122
  Added: CWE-400
References
Metrics cvssV3_1
  Removed: {'score': 7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
  Added: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Thu, 02 Apr 2026 21:45:00 +0000

Description
  Added: Hirschmann Industrial IT products contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
Title
  Added: Hirschmann Industrial IT HiLCOS Heap Overflow DoS
Weaknesses
  Added: CWE-122
References
Metrics cvssV3_1
  Added: {'score': 7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
Metrics cvssV4_0
  Added: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-25T23:41:26.609Z

Reserved: 2026-04-01T21:08:43.378Z

Link: CVE-2024-14033

Vulnrichment

Updated: 2026-04-03T14:44:10.840Z

NVD

Status: Awaiting Analysis

Published: 2026-04-02T21:16:39.863

Modified: 2026-05-26T00:16:47.900

Link: CVE-2024-14033

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-26T02:30:26Z

Weaknesses