Lucene search
+L

256 matches found

Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30257

Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correctly filter IPv4 multicast and broadcast traffic when management IP address filtering is disabled, allowing configured filter rules to be bypassed. Attackers with network access...

5.4CVSS5.8AI score0.00204EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.7 views

PT-2026-30209

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

8.7CVSS6AI score0.00921EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.10 views

Belden Hirschmann Industrial HiVision 代码问题漏洞

Belden Hirschmann Industrial HiVision is an industrial network management software platform developed by the American company Belden. Versions of Belden Hirschmann Industrial HiVision prior to 08.1.04 and 08.2.00 contained code vulnerabilities. These vulnerabilities stemmed from insufficient path...

7.3CVSS6.1AI score0.00122EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.7 views

PT-2026-30262

Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed HTTP requests...

9.8CVSS6AI score0.00502EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.6 views

PT-2026-30232

Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 contains an authentication bypass vulnerability in the master service that allows unauthenticated remote attackers to execute arbitrary commands with administrative privileges. Attackers can invoke exposed interface methods over...

9.8CVSS6.7AI score0.00961EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.16 views

Belden多款产品 访问控制错误漏洞

Belden Hirschmann HiLCOS OpenBAT, among others, are products of the American company Belden. Belden Hirschmann HiLCOS OpenBAT is an industrial-grade wireless local area network device. Belden Hirschmann HiLCOS BAT450 is an industrial-grade wireless local area network access point device. Belden...

5.4CVSS5.8AI score0.00204EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 10:16 p.m.5 views

CVE-2022-4986

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service...

8.7CVSS0.00438EPSS
Exploits0References2
CVE
CVE
added 2026/04/02 9:52 p.m.8 views

CVE-2022-4986

This CVE pertains to Hirschmann EagleSDV, where a denial-of-service vulnerability can cause the device to crash during session establishment when TLS 1.0 or TLS 1.1 is used. The condition is triggered by initiating TLS connections with these protocol versions, affecting availability. The provided...

8.7CVSS5.9AI score0.00438EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/02 9:52 p.m.5 views

CVE-2022-4986

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service...

8.7CVSS5.9AI score0.00438EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/02 9:52 p.m.2 views

CVE-2022-4986 Hirschmann EagleSDV Denial of Service via TLS

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service...

8.7CVSS5.9AI score0.00438EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/02 9:52 p.m.25 views

CVE-2022-4986 Hirschmann EagleSDV Denial of Service via TLS

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service...

8.7CVSS0.00438EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/02 9:32 p.m.6 views

EUVD-2024-55533

Hirschmann HiEOS devices contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication handling to obtain elevated...

9.8CVSS6AI score0.00456EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 9:16 p.m.6 views

CVE-2024-14033

Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downgrades to TLS 1.0 or TLS 1.1, interrupting service availability...

8.7CVSS0.0043EPSS
Exploits0References2
CVE
CVE
added 2026/04/02 8:40 p.m.8 views

CVE-2024-14033

The CVE affects Hirschmann Industrial IT HiLCOS web interface and describes a heap overflow in the web UI that allows unauthenticated remote attackers to trigger a DoS by sending specially crafted requests. Impact is device crash and service disruption, particularly in configurations with Public ...

8.7CVSS6AI score0.0043EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/02 8:40 p.m.2 views

CVE-2024-14033

Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downgrades to TLS 1.0 or TLS 1.1, interrupting service availability...

8.7CVSS5.8AI score0.0043EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/02 8:40 p.m.3 views

CVE-2024-14033 Hirschmann EagleSDV Denial of Service via TLS

Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downgrades to TLS 1.0 or TLS 1.1, interrupting service availability...

8.7CVSS5.8AI score0.0043EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/02 8:40 p.m.17 views

CVE-2024-14033 Hirschmann EagleSDV Denial of Service via TLS

Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downgrades to TLS 1.0 or TLS 1.1, interrupting service availability...

8.7CVSS0.0043EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 8:16 p.m.5 views

CVE-2024-14034

Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication...

9.8CVSS0.00456EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/02 8:1 p.m.1 views

CVE-2024-14034 Hirschmann HiEOS Authentication Bypass via HTTP Management Module

Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication...

9.8CVSS6AI score0.00456EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/02 8:1 p.m.23 views

CVE-2024-14034 Hirschmann HiEOS Authentication Bypass via HTTP Management Module

Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication...

9.8CVSS0.00456EPSS
Exploits0References2
Rows per page
Query Builder