CVE-2022-4986
Published: 02 April 2026
Summary
CVE-2022-4986 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Belden EagleSDV firmware. Its CVSS base score is 8.7 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 34.9th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SC-5 (Denial-of-service Protection).
Deeper analysis
CVE-2022-4986 is a denial-of-service vulnerability in Hirschmann EagleSDV version 05.4.01 prior to 05.4.02. The flaw causes the device to crash during session establishment when TLS 1.0 or TLS 1.1 protocols are used, as these deprecated versions trigger an unhandled condition that disrupts normal operation. It is classified under CWE-400 (Uncontrolled Resource Consumption) with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
The vulnerability can be exploited by any unauthenticated attacker with network access to the device. By simply initiating a TLS connection using TLS 1.0 or TLS 1.1, the attacker triggers a device crash, rendering the EagleSDV unavailable and denying service to legitimate users until reboot or recovery.
Advisories recommend updating to Hirschmann EagleSDV version 05.4.02 to mitigate the issue. Key references include the Belden Security Bulletin BSECV-2022-08 (https://assets.belden.com/m/1c8fe5d916567af6/original/Belden_Security_Bulletin_BSECV-2022-08.pdf) and the VulnCheck advisory (https://www.vulncheck.com/advisories/hirschmann-eaglesdv-denial-of-service-via-tls).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-55960
Vulnerability details
Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.
Related Threats
MITRE ATT&CK Enterprise Techniques
- Application or System Exploitation (T1499.004)
Why these techniques?
Direct mapping to application/system exploitation causing crash/DoS via unauthenticated network TLS session initiation.
Mitigating Controls (NIST 800-53 r5)
- Directly remediates the vulnerability by applying the vendor patch to Hirschmann EagleSDV version 05.4.02, eliminating the crash triggered by TLS 1.0/1.1 handshakes.
- SC-5 (Denial-of-service Protection): implements denial-of-service protections at network boundaries to block or mitigate TLS 1.0/1.1 connection attempts that cause device crashes.
- CM-6 (Configuration Settings): enforces configuration settings that disable support for the deprecated TLS 1.0 and 1.1 protocols, preventing the session establishment that triggers the DoS crash.