Hirschmann HiSecOS Web Server Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the HiSecOS web server of the Hirschmann HiSecOS EAGLE product line, versions 03.4.00 prior to 04.1.00. It allows authenticated users with the operator or auditor role to escalate their privileges to the administrator role by sending specially crafted packets to the web server. Exploitation of this vulnerability could lead to full administrative access on the affected device.

Impact

Exploitation of this vulnerability allows authenticated users to gain full administrative access to the affected device.

Remediation

Users are advised to update to HiSecOS EAGLE version 04.1.00 or higher.

Added: Apr 2, 2026, 9:46 PM
Updated: Apr 2, 2026, 9:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 5.0
exploitability: 4.9
remediation: 7.7
relevance: 5.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.