Description
Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
Published: 2026-04-02
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap overflow in the HiLCOS web interface of Hirschmann EagleSDV devices allows an unauthenticated remote attacker to crash the device by sending specially crafted requests, causing a denial of service that disrupts network operations. The record currently tags the weakness as CWE-400 (uncontrolled resource consumption); it was originally filed as CWE-122 (heap-based buffer overflow), which is what the description still calls it. Only availability is affected: both the CVSS 3.1 and CVSS 4.0 vectors rate confidentiality and integrity impact as none. A crashed device is unusable until it is rebooted, and because no fix has been published it can be crashed again by anyone who can reach the interface.

Affected Systems

The vulnerability affects the Belden Hirschmann products listed in the record (tracked under the EagleSDV product name): BAT‑R, BAT‑F, BAT450‑F, BAT867‑R, BAT867‑F, WLC, and the BAT Controller Virtual, covering both physical access points and controllers and the virtual controller. No firmware or software version numbers are listed, so every variant running the HiLCOS web interface should be considered affected until the vendor states otherwise.

Risk and Exploitability

The CVSS 4.0 score of 8.7 (vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N) indicates high severity; the CVSS 3.1 score is 7.5. The EPSS score of less than 1% suggests a low likelihood of exploitation in the wild at this time, the SSVC assessment records exploitation as "none" but the attack as automatable, and the vulnerability is not catalogued in CISA's KEV list. Exploitation requires no authentication, no user interaction and no special preconditions, and can be performed from any network location that can reach the web interface. The record's current title, "Hirschmann EagleSDV Denial of Service via TLS", indicates that the crafted requests are delivered over the interface's TLS (HTTPS) listener, so an exposed HTTPS management port is sufficient. Note that the CVSS 4.0 score in the record has been revised between 7.1 and 8.7 with an unchanged vector; 8.7 is the current value.

Generated by OpenCVE AI on May 12, 2026 at 22:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Obtain and apply a patch or firmware update for the affected Hirschmann EagleSDV devices from Belden's security portal as soon as one is published; none is available at the time of writing.
  • Disable the Public Spot functionality if it is not required, since the description singles out configurations with it enabled.
  • Restrict access to the HiLCOS web interface (including its HTTPS/TLS listener) with firewall rules or network segmentation so that only trusted management ranges can reach it.
  • Monitor the devices for signs of service interruption, such as the web interface becoming unreachable, and reboot any device that crashes until a patch can be deployed.
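As an added example (not part of the OpenCVE page or any Belden/Hirschmann tooling), the following Python monitor implements the last recommendation: it attempts a TLS handshake against each device's HTTPS management listener on every poll and reports a device as down only after several consecutive failures, so a single dropped probe does not raise an alert, and it reports each outage once until the device comes back. The device names, addresses and port are assumptions for the example; the probe function is injectable so the outage logic can be exercised offline.

```python
import socket
import ssl
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

# Constructed inventory: device name -> management address.
# Addresses and the port are assumptions for this example, not values from the advisory.
DEVICES = {
    "bat867-r-hall1": "192.0.2.10",
    "bat450-f-yard": "192.0.2.11",
    "wlc-core": "192.0.2.20",
}
MGMT_PORT = 443


def tls_probe(host: str, port: int = MGMT_PORT, timeout: float = 3.0) -> bool:
    """Return True if a TLS handshake with the device's web interface completes.

    Only liveness is tested, so certificate validation is disabled: device
    certificates are commonly self-signed and no credentials are sent.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True
    except (OSError, ssl.SSLError):
        return False


@dataclass
class DeviceState:
    consecutive_failures: int = 0
    last_ok: Optional[float] = None
    alerted: bool = False


class AvailabilityMonitor:
    """Track reachability per device and raise one alert per outage."""

    def __init__(self, devices: Dict[str, str],
                 probe: Callable[[str], bool] = tls_probe,
                 fail_threshold: int = 3) -> None:
        self.devices = dict(devices)
        self.probe = probe
        self.fail_threshold = fail_threshold
        self.state = {name: DeviceState() for name in self.devices}

    def poll(self, now: Optional[float] = None) -> List[str]:
        """Probe every device once.

        Returns the names of devices that crossed the failure threshold on
        this poll (new outages). A successful probe clears the outage so the
        next crash is reported again.
        """
        now = time.time() if now is None else now
        newly_down: List[str] = []
        for name, host in self.devices.items():
            st = self.state[name]
            if self.probe(host):
                st.consecutive_failures = 0
                st.last_ok = now
                st.alerted = False
                continue
            st.consecutive_failures += 1
            if st.consecutive_failures >= self.fail_threshold and not st.alerted:
                st.alerted = True
                newly_down.append(name)
        return newly_down

    def down(self) -> List[str]:
        """Devices currently in an alerted (crashed or unreachable) state."""
        return [n for n, s in self.state.items() if s.alerted]


if __name__ == "__main__":
    monitor = AvailabilityMonitor(DEVICES)
    while True:
        for name in monitor.poll():
            # Hook ticketing or paging here; a crashed HiLCOS device needs a reboot.
            print(f"ALERT: {name} ({DEVICES[name]}) web interface unreachable "
                  f"{monitor.fail_threshold} polls in a row")
        time.sleep(60)
```

Run the monitor from a host inside the trusted management range (the same range the firewall rules above admit), so that the probe itself does not require opening the interface more widely. A TLS handshake is used rather than a TCP connect because the title of the record ties the crash to the TLS listener; a device whose TCP port answers but whose TLS stack has died would otherwise look healthy.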

Advisories

No advisories yet.

History

Tue, 12 May 2026 21:30:00 +0000
  Metrics (cvssV4_0)
    Removed: {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}
    Added:   {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Sat, 04 Apr 2026 00:00:00 +0000
  References: updated (values not listed on the page)

Fri, 03 Apr 2026 22:45:00 +0000
  References: updated (values not listed on the page)
  Metrics (cvssV4_0)
    Removed: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}
    Added:   {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Fri, 03 Apr 2026 15:15:00 +0000
  Metrics (ssvc)
    Added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 03 Apr 2026 10:15:00 +0000
  First Time appeared
    Added: Belden; Belden hirschmann Eaglesdv
  Vendors & Products
    Added: Belden; Belden hirschmann Eaglesdv

Thu, 02 Apr 2026 23:00:00 +0000
  Description
    Removed: Hirschmann Industrial IT products contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
    Added:   Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
  Title
    Removed: Hirschmann Industrial IT HiLCOS Heap Overflow DoS
    Added:   Hirschmann EagleSDV Denial of Service via TLS
  Weaknesses
    Removed: CWE-122
    Added:   CWE-400
  References: updated (values not listed on the page)
  Metrics (cvssV3_1)
    Removed: {'score': 7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
    Added:   {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Thu, 02 Apr 2026 21:45:00 +0000
  Description
    Added: Hirschmann Industrial IT products contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
  Title
    Added: Hirschmann Industrial IT HiLCOS Heap Overflow DoS
  Weaknesses
    Added: CWE-122
  References: added (values not listed on the page)
  Metrics (cvssV3_1)
    Added: {'score': 7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
  Metrics (cvssV4_0)
    Added: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


Subscriptions

Belden Hirschmann Eaglesdv
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-12T20:46:36.504Z

Reserved: 2026-04-01T21:08:43.378Z

Link: CVE-2024-14033

Vulnrichment

Updated: 2026-04-03T14:44:10.840Z

NVD

Status : Awaiting Analysis

Published: 2026-04-02T21:16:39.863

Modified: 2026-04-03T23:17:01.597

Link: CVE-2024-14033

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T23:00:12Z

Weaknesses