Description
Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
Published: 2026-04-02
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch ASAP
AI Analysis

Impact

A heap overflow exists in the HiLCOS web interface of Hirschmann Industrial IT devices. An unauthenticated attacker can send specially crafted TLS requests to trigger a crash, resulting in a denial of service. The attack can disrupt services, particularly when the Public Spot functionality is enabled.

Affected Systems

The flaw affects Hirschmann Industrial IT products including BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, and BAT Controller Virtual, all sold under the Belden Hirschmann EagleSDV line. Specific version information is not provided, so any model running the affected web interface is potentially vulnerable.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity. No EPSS score is available and the vulnerability is not listed in CISA KEV. Because authentication is not required and the attack relies on crafted TLS packets to the web interface, remote attackers can likely exploit the flaw from outside the local network. A successful exploit will crash the device, causing service interruption to any connected systems or users.

Generated by OpenCVE AI on April 3, 2026 at 01:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-provided firmware or software patch that addresses the HiLCOS web interface heap overflow.
  • If a patch is not yet available, disable the Public Spot feature or restrict web interface access to trusted IP addresses.
  • Apply network segmentation or firewall rules to limit exposure of the affected devices to the Internet.
  • Regularly monitor device logs and network traffic for repeated attempts to send malformed TLS requests.
  • Contact Belden Hirschmann support to confirm the remediation status and receive the latest security advisory.

Advisories

No advisories yet.

History

Sat, 04 Apr 2026 00:00:00 +0000

References

Fri, 03 Apr 2026 22:45:00 +0000

References
Metrics
  Values Removed: cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}
  Values Added: cvssV4_0 {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


Fri, 03 Apr 2026 15:15:00 +0000

Metrics
  Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 03 Apr 2026 10:15:00 +0000

First Time appeared
  Values Added: Belden; Belden hirschmann Eaglesdv
Vendors & Products
  Values Added: Belden; Belden hirschmann Eaglesdv

Thu, 02 Apr 2026 23:00:00 +0000

Description
  Values Removed: Hirschmann Industrial IT products contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
  Values Added: Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
Title
  Values Removed: Hirschmann Industrial IT HiLCOS Heap Overflow DoS
  Values Added: Hirschmann EagleSDV Denial of Service via TLS
Weaknesses
  Values Removed: CWE-122
  Values Added: CWE-400
References
Metrics
  Values Removed: cvssV3_1 {'score': 7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
  Values Added: cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Thu, 02 Apr 2026 21:45:00 +0000

Description
  Values Added: Hirschmann Industrial IT products contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
Title
  Values Added: Hirschmann Industrial IT HiLCOS Heap Overflow DoS
Weaknesses
  Values Added: CWE-122
References
Metrics
  Values Added: cvssV3_1 {'score': 7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
  Values Added: cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-03T22:22:40.094Z

Reserved: 2026-04-01T21:08:43.378Z

Link: CVE-2024-14033

Vulnrichment

Updated: 2026-04-03T14:44:10.840Z

NVD

Status: Awaiting Analysis

Published: 2026-04-02T21:16:39.863

Modified: 2026-04-03T23:17:01.597

Link: CVE-2024-14033

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T09:16:11Z

Weaknesses