Cyber Resilience

CVE-2023-7342

Severity: High · Public PoC referenced

Published: 02 April 2026
Modified: 03 April 2026
KEV Added: not listed
Patch: upgrade to HiSecOS web server 04.1.00 or later
CVSS Score v4: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0027 (17.7th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2023-7342 is a high-severity Improper Privilege Management (CWE-269) vulnerability in a Belden product (vendor inferred from references). Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 17.7th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2023-7342 is a privilege escalation vulnerability in the HiSecOS web server, affecting versions from 03.4.00 up to but not including 04.1.00. It enables authenticated users holding the operator or auditor role to elevate themselves to the administrator role by sending specially crafted packets to the web server. The flaw carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is classified as CWE-269 (Improper Privilege Management).

An attacker with existing low-privilege access, such as operator or auditor credentials, can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Successful exploitation grants full administrative access to the affected device, potentially allowing complete control over the system's configuration, data, and operations.

Advisories from Belden (BSECV-2021-07) and VulnCheck describe the issue and recommend upgrading the HiSecOS web server to version 04.1.00 or later to remediate the vulnerability.


Vulnerability details

HiSecOS web server versions 03.4.00 prior to 04.1.00 contain a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.

CWE(s): CWE-269 Improper Privilege Management

Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Direct exploitation of an improper privilege management flaw within an authenticated web session, escalating from the operator or auditor role to the administrator role.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-23896 (shared CWE-269)
CVE-2025-27639 (shared CWE-269)
CVE-2025-8899 (shared CWE-269)
CVE-2025-26705 (shared CWE-269)
CVE-2015-10139 (shared CWE-269)
CVE-2026-8972 (shared CWE-269)
CVE-2025-0893 (shared CWE-269)
CVE-2026-6769 (shared CWE-269)
CVE-2025-2858 (shared CWE-269)
CVE-2025-48613 (shared CWE-269)

Affected Assets

Belden (vendor inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5)

prevent · SI-2 Flaw Remediation: applying the vendor-recommended upgrade to HiSecOS web server version 04.1.00 or later directly removes this privilege escalation vulnerability.

prevent · AC-6 Least Privilege: enforcing least privilege counters the CWE-269 improper privilege management weakness, so that operator or auditor users cannot escalate to administrator via crafted packets.

prevent · AC-3 Access Enforcement: the web server must authorize every action against the role established server-side for the session, blocking privilege escalation attempts carried in specially crafted packets.
