Hirschmann HiOS EtherNet/IP Stack Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the EtherNet/IP stack of Hirschmann HiOS devices running versions prior to 08.1.00 and 07.1.01. The vulnerability arises from improper handling of packet length fields, allowing remote attackers to crash or hang the device. Exploitation involves sending specially crafted UDP EtherNet/IP packets with a length value greater than the actual packet size, rendering the device inoperable.
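The length check a receiver or passive monitor would apply to each UDP payload, as an added example (not Hirschmann's code and not part of the advisory). It assumes the mismatch concerns the length field of the standard 24-byte EtherNet/IP encapsulation header, which the advisory does not specify; the function names and sample datagrams are constructed for illustration.

```python
import struct

# EtherNet/IP encapsulation header, little-endian, 24 bytes:
# command (2), length (2), session handle (4), status (4),
# sender context (8), options (4). "length" counts the bytes AFTER the header.
ENCAP_HEADER = struct.Struct("<HHII8sI")


def check_enip_datagram(payload: bytes) -> str:
    """Compare the declared data length with what the datagram really carries."""
    if len(payload) < ENCAP_HEADER.size:
        return "short-header"              # cannot even read the length field
    _cmd, declared, _sess, _status, _ctx, _opts = ENCAP_HEADER.unpack_from(payload)
    actual = len(payload) - ENCAP_HEADER.size
    if declared > actual:
        return "length-exceeds-payload"    # the condition the advisory describes
    if declared < actual:
        return "trailing-bytes"            # not the reported bug, but still malformed
    return "ok"


def flag_datagrams(samples: dict) -> list:
    """Return (name, verdict) for every payload that fails the check."""
    verdicts = ((name, check_enip_datagram(p)) for name, p in samples.items())
    return [(name, v) for name, v in verdicts if v != "ok"]


def _constructed(declared_len: int, data: bytes) -> bytes:
    # Constructed test input: command 0x0063 (ListIdentity), all other fields zero.
    return ENCAP_HEADER.pack(0x0063, declared_len, 0, 0, b"\x00" * 8, 0) + data


# Constructed payloads standing in for UDP data pulled from a capture.
SAMPLES = {
    "well_formed": _constructed(0, b""),
    "declared_gt_actual": _constructed(0x0100, b"\x00" * 4),
    "trailing": _constructed(0, b"\x00\x00"),
    "runt": b"\x63\x00\x00",
}

if __name__ == "__main__":
    for name, verdict in flag_datagrams(SAMPLES):
        print(f"{name}: {verdict}")
```

A parser that performs this comparison before reading `length` bytes never indexes past the end of the received buffer; a monitor can run the same comparison over captured traffic to spot malformed datagrams sent to devices that have not yet been updated.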

Impact

Exploitation of this vulnerability can cause the device to crash or become unresponsive, particularly when the EtherNet/IP protocol is active.

Remediation

Users are advised to update to Hirschmann HiOS version 08.1.00 or higher, or version 07.1.01 or higher, depending on their current version.

Added: Apr 3, 2026, 9:31 PM
Updated: Apr 3, 2026, 9:31 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 2.5
exploitability: 7.8
remediation: 7.7
relevance: 5.2
threat: 0.0
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.