CVE-2024-14033
Hirschmann · HiLCOS (Industrial IT Products)
A heap overflow vulnerability in Hirschmann HiLCOS web interfaces allows unauthenticated remote attackers to trigger a denial-of-service condition via crafted requests.
Executive summary
Unauthenticated remote attackers can disable Hirschmann Industrial IT products via a heap overflow vulnerability in the HiLCOS web interface.
Vulnerability
A heap overflow vulnerability exists in the HiLCOS web interface. An unauthenticated remote attacker who can reach that interface can send specially crafted HTTP requests that corrupt the heap and crash the device, producing a denial-of-service (DoS) condition. The reported impact is loss of availability; this page does not describe code execution or data exposure.
Business impact
The ability for an unauthenticated attacker to remotely disable industrial networking equipment can cause immediate operational shutdowns and loss of visibility into critical processes, since the switches and wireless infrastructure these products provide carry the control-system traffic itself. The CVSS base score of 7.5 (High) is consistent with an attack that is network-reachable, requires neither authentication nor user interaction, and affects availability only.
Remediation
Immediate action: Apply the vendor security updates to all affected BAT and WLC devices, and confirm after the update that each device reports a fixed HiLCOS version.
Proactive monitoring: Monitor network traffic for unusual or malformed HTTP requests directed at the management interfaces of Hirschmann devices, and alert on unexpected reboots or loss of management reachability, which is how a successful denial of service would present.
Compensating controls: Disable the web management interface if it is not required. Where it is required, restrict access with firewall rules (or a dedicated management network) that allow only trusted administrative hosts. Disabling the interface removes the attack surface; restricting it only narrows who can reach it, so it is a stopgap until the update is applied.
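The two network-side recommendations above, restricting who may reach the management interface and watching for malformed HTTP toward it, can be expressed as one triage pass over captured requests. The following Python is an added illustration for this page, not Hirschmann code and not a signature for the actual overflow (the page gives no detail of the triggering request). It flags only generic anomalies: a source outside the administrative allowlist, a request line or header value far longer than normal admin traffic, or non-printable bytes in the request line. The management addresses, allowlist, thresholds and sample requests are all constructed.

```python
"""Heuristic triage of HTTP requests aimed at device management interfaces.

Added example for the remediation items above. It knows nothing about the
specific HiLCOS overflow; it applies the two controls the page recommends:
an administrative allowlist (mirroring the firewall rule) and a check for
malformed or oversized requests. Everything below is constructed sample data.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed: management addresses of the industrial devices being protected.
MGMT_HOSTS = {"10.20.0.10", "10.20.0.11"}
# Constructed: the only networks that should ever reach the web interface.
ADMIN_ALLOWLIST = [ipaddress.ip_network("10.20.100.0/24")]
# Constructed thresholds; tune them to the observed baseline of legitimate admin traffic.
MAX_REQUEST_LINE = 512
MAX_HEADER_VALUE = 1024


@dataclass
class Finding:
    src: str
    dst: str
    reasons: List[str] = field(default_factory=list)


def is_allowed_source(src: str) -> bool:
    """True if src falls inside any allowlisted administrative network."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ADMIN_ALLOWLIST)


def parse_request(raw: bytes) -> Tuple[bytes, Dict[bytes, bytes]]:
    """Split a raw HTTP request into (request_line, headers); tolerant of junk input."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers: Dict[bytes, bytes] = {}
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def triage(src: str, dst: str, raw: bytes) -> Optional[Finding]:
    """Return a Finding when a request to a management host deserves attention, else None."""
    if dst not in MGMT_HOSTS:
        return None  # not aimed at a device management interface; out of scope here
    finding = Finding(src, dst)
    if not is_allowed_source(src):
        finding.reasons.append("source outside administrative allowlist")
    request_line, headers = parse_request(raw)
    if len(request_line) > MAX_REQUEST_LINE:
        finding.reasons.append(f"request line {len(request_line)} bytes > {MAX_REQUEST_LINE}")
    if any(b < 0x20 or b > 0x7E for b in request_line):
        finding.reasons.append("non-printable bytes in request line")
    for name, value in headers.items():
        if len(value) > MAX_HEADER_VALUE:
            finding.reasons.append(
                f"header {name.decode(errors='replace')} is {len(value)} bytes > {MAX_HEADER_VALUE}"
            )
    return finding if finding.reasons else None


# Constructed sample traffic: (source IP, destination IP, raw request bytes).
SAMPLES = [
    ("10.20.100.5", "10.20.0.10", b"GET /login.html HTTP/1.1\r\nHost: 10.20.0.10\r\n\r\n"),
    ("192.168.7.33", "10.20.0.10", b"GET /login.html HTTP/1.1\r\nHost: 10.20.0.10\r\n\r\n"),
    ("10.20.100.5", "10.20.0.11", b"GET /" + b"A" * 3000 + b" HTTP/1.1\r\nHost: x\r\n\r\n"),
    ("10.20.100.5", "10.20.0.11", b"GET /index.html HTTP/1.1\r\nCookie: " + b"B" * 4096 + b"\r\n\r\n"),
    ("10.20.100.5", "10.20.50.1", b"GET /" + b"A" * 3000 + b" HTTP/1.1\r\n\r\n"),  # not a management host
]


def run(samples=SAMPLES) -> List[Finding]:
    """Triage every sample and return only the ones that produced a finding."""
    return [f for s in samples if (f := triage(*s)) is not None]


if __name__ == "__main__":
    for f in run():
        print(f"{f.src} -> {f.dst}: " + "; ".join(f.reasons))
```

The allowlist check is the detection-side twin of the firewall rule in the compensating controls: anything it flags is traffic the firewall should already have dropped, so a hit there is also a sign the access restriction is incomplete. The size and byte-range checks catch the broad class of malformed requests the monitoring item describes without pretending to know the real trigger.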
Exploitation status
Public exploit available: No
Analyst recommendation
This vulnerability should be addressed with high urgency because of the unauthenticated remote attack vector. In industrial settings, availability is often the most critical security pillar, and a crashed switch or wireless controller takes the process traffic down with it. Patch affected Hirschmann devices promptly; where a maintenance window is not immediately available, apply the access restrictions above in the meantime so that only administrative hosts can reach the web interface.