Description
Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTP(S) requests. Attackers can exploit improper authentication handling to obtain elevated privileges and perform unauthorized actions including configuration download or upload and firmware modification.
Published: 2026-04-02
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote code execution via unauthenticated access to device management interface
Action: Immediate Patch
AI Analysis

Impact

The vulnerability resides in the HTTP(S) management module of Hirschmann HiEOS devices and permits any remote attacker, without credentials, to bypass authentication. By sending specially crafted requests, an attacker can obtain full administrative privileges, download or upload device configuration, and modify firmware. This effectively allows any remote code or configuration change, compromising the integrity and availability of the device.

Affected Systems

All Hirschmann HiEOS LRS11 devices running firmware versions earlier than 01.1.00 are affected. The vulnerability is tied to the vendor product identified as Belden:Hirschmann HiEOS LRS11.

Risk and Exploitability

The vulnerability carries a CVSS score of 9.3, indicating critical severity. No EPSS score is available, and the issue is not listed in the CISA KEV catalog. Attackers can exploit the flaw over the network by accessing the HTTP(S) management interface, which is often exposed to management networks or the Internet. Because authentication is bypassed entirely, no additional credentials or privileges are required, making exploitation straightforward.

Generated by OpenCVE AI on April 3, 2026 at 01:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update (01.1.00 or newer) to the Hirschmann HiEOS LRS11 device.
  • Restrict external network access to the HTTP(S) management interface using a firewall or subnet segmentation.
  • Regularly monitor device logs for unauthorized configuration changes or firmware uploads.
  • Follow the vendor's security bulletin for any further guidance or updates.

Generated by OpenCVE AI on April 3, 2026 at 01:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 22:45:00 +0000

Type Values Removed Values Added
References

Fri, 03 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Belden
Belden hirschmann Hieos
Vendors & Products Belden
Belden hirschmann Hieos

Thu, 02 Apr 2026 23:00:00 +0000

Type Values Removed Values Added
Description Hirschmann HiEOS devices contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTP(S) requests. Attackers can exploit improper authentication handling to obtain elevated privileges and perform unauthorized actions including configuration download or upload and firmware modification. Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTP(S) requests. Attackers can exploit improper authentication handling to obtain elevated privileges and perform unauthorized actions including configuration download or upload and firmware modification.

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description Hirschmann HiEOS devices contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTP(S) requests. Attackers can exploit improper authentication handling to obtain elevated privileges and perform unauthorized actions including configuration download or upload and firmware modification.
Title Hirschmann HiEOS Authentication Bypass via HTTP Management Module
Weaknesses CWE-287
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Belden Hirschmann Hieos
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-03T22:27:03.051Z

Reserved: 2026-04-01T21:21:41.800Z

Link: CVE-2024-14034

cve-icon Vulnrichment

Updated: 2026-04-03T13:39:35.339Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-02T20:16:19.943

Modified: 2026-04-03T23:17:01.753

Link: CVE-2024-14034

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T09:16:15Z

Weaknesses