Home / Vulnerability Intelligence / CVE-2024-14034

CVE-2024-14034 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: April 2, 2026

Hirschmann HiEOS - Authentication Bypass

Published: April 2, 2026Updated: April 2, 2026Remote Exploitable

Overview

Hirschmann HiEOS contains an authentication bypass caused by improper authentication handling in the HTTP(S) management module, letting unauthenticated remote attackers gain administrative access and perform unauthorized actions.

Severity & Score

Severity: Critical

CVSS Score: 9.8

Impact

Unauthenticated attackers can gain administrative access, allowing full control including configuration and firmware modification.

Mitigation

Update to the latest version with the authentication bypass fix.

References

https://assets.belden.com/m/7ec5c6da25ef288/original/Belden_Security_Bulletin_BSECV-2024-02_1v0.pdf

Related Resources

Details

CVE ID: CVE-2024-14034
Severity: Critical
CVSS Score: 9.8
Type: broken_authentication
Status: new

CWE

CWE-287

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H