CVE-2022-4986— Hirschmann EagleSDV Denial of Service via TLS
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-4986
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hirschmann EagleSDV Denial of Service via TLS
Source: NVD (National Vulnerability Database)
Vulnerability Description
Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Belden Hirschmann EagleSDV 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Belden Hirschmann EagleSDV是美国Belden公司的一款工业网络安全防火墙设备。 Belden Hirschmann EagleSDV 05.4.02之前版本存在安全漏洞,该漏洞源于使用TLS 1.0或TLS 1.1建立会话时存在拒绝服务漏洞,可能导致设备崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Belden | Hirschmann EagleSDV | 0 ~ 05.4.01 | - |
II. Public POCs for CVE-2022-4986
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-4986
请登录查看更多情报信息。
Same Patch Batch · Belden · 2026-04-02 · 6 CVEs total
| CVE-2024-14034 | 9.8 CRITICAL | Hirschmann HiEOS Authentication Bypass via HTTP Management Module |
| CVE-2025-15620 | 9.3 CRITICAL | HiOS Switch Platform Denial-of-Service via Web Interface |
| CVE-2023-7342 | 8.8 HIGH | Belden HiSecOS Web Server Privilege Escalation |
| CVE-2023-7343 | 7.8 HIGH | Belden Industrial HiVision Arbitrary Code Execution via Malicious Project File |
| CVE-2024-14033 | 7.5 HIGH | Hirschmann EagleSDV Denial of Service via TLS |
IV. Related Vulnerabilities
Same vendor: Belden
- CVE-2017-20234
GarrettCom Magnum 6K and 10K Authentication Bypass via Hardc - CVE-2017-20233
Hirschmann HiLCOS Layer-2 Firewall Multicast Broadcast Traff - CVE-2018-25236
Hirschmann HiOS HiSecOS Authentication Bypass via HTTP Manag - CVE-2021-4477
Hirschmann HiLCOS OpenBAT BAT450 IPv6 IPsec Firewall Bypass - CVE-2017-20238
Hirschmann Industrial HiVision Improper Authorization Privil
Same weakness: CWE-400
- CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-42343
FastGPT: Uncontrolled Resource Consumption leading to Sandbo - CVE-2026-42212
SolidCAM-GPPL-IDE: XML External Entity (XXE) and billion-lau - CVE-2026-32686
Unbounded exponent in decimal enables unauthenticated DoS - CVE-2026-20188
Cisco Crosswork Network Controller and Cisco Network Service
V. Comments for CVE-2022-4986
No comments yet