CVE-2022-4986

HIGH

Hirschmann EagleSDV Denial of Service via TLS

Title source: cna

Description

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.

References (3)

Core 3

Core References

Vendor Advisory

Belden Security Bulletins

https://www.belden.com/security

Vendor Advisory vendor-advisory

https://assets.belden.com/m/1c8fe5d916567af6/original/Belden_Security_Bulletin_BSECV-2022-08.pdf

https://www.vulncheck.com/advisories/hirschmann-eaglesdv-denial-of-service-via-tls

Scores

CVSS v3 7.5

EPSS 0.0044

EPSS Percentile 34.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-400

Status published

Products (7)

beldan/eaglesdv_firmware < 05.4.02

Belden/Hirschmann EagleSDV < 05.4.01

Belden/Hirschmann EagleSDV < 08.1.03

Belden/Hirschmann EagleSDV < 08.1.04

Belden/Hirschmann EagleSDV < 08.2.00

Belden/Hirschmann EagleSDV 05.4.01 - 05.4.02

Belden/Hirschmann EagleSDV 05.4.02

Published Apr 02, 2026

Tracked Since Apr 03, 2026