Vulnerability Description
Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.
CVSS Score
7.5 (HIGH)
Related Weaknesses (CWE)
References
- https://assets.belden.com/m/774d24c02be5c220/original/Belden_Security_Bulletin_B
- https://www.vulncheck.com/advisories/hirschmann-industrial-it-hilcos-heap-overfl
FAQ
What is CVE-2024-14033?
CVE-2024-14033 is a vulnerability with a CVSS score of 7.5 (HIGH). Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticate...
How severe is CVE-2024-14033?
CVE-2024-14033 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-14033?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.