{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2022-4986/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2022-4986"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["denial-of-service","cve-2022-4986","network-device"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eHirschmann EagleSDV devices are susceptible to a denial-of-service vulnerability, identified as CVE-2022-4986. This vulnerability allows an attacker to crash the device by establishing TLS sessions using the outdated TLS 1.0 or TLS 1.1 protocols. Successful exploitation results in service unavailability, impacting network operations reliant on the affected device. The vulnerability stems from improper handling of older TLS versions during session establishment. Given the critical role EagleSDV devices play in network infrastructure, this vulnerability poses a significant risk to organizations that have not yet patched their systems or disabled the deprecated protocols.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable Hirschmann EagleSDV device accessible over the network.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a TLS connection request using TLS 1.0.\u003c/li\u003e\n\u003cli\u003eThe attacker sends the crafted TLS 1.0 connection request to the target EagleSDV device.\u003c/li\u003e\n\u003cli\u003eThe EagleSDV device attempts to process the TLS 1.0 handshake.\u003c/li\u003e\n\u003cli\u003eDue to the vulnerability, the device encounters an error during the session establishment phase of the TLS handshake.\u003c/li\u003e\n\u003cli\u003eThis error leads to uncontrolled resource consumption (CWE-400) within the device\u0026rsquo;s TLS processing module.\u003c/li\u003e\n\u003cli\u003eThe resource exhaustion causes the device\u0026rsquo;s operating system to become unstable.\u003c/li\u003e\n\u003cli\u003eThe device crashes, resulting in a denial-of-service condition.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2022-4986 leads to a denial-of-service condition on the affected Hirschmann EagleSDV device. This can disrupt network services and cause downtime. The number of affected devices and sectors is unknown, but the impact could be significant for organizations relying on these devices for critical infrastructure.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisable TLS 1.0 and TLS 1.1 on all Hirschmann EagleSDV devices to mitigate the vulnerability described in CVE-2022-4986.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for attempts to establish TLS connections using TLS 1.0 and TLS 1.1 to identify potential exploitation attempts using a network monitoring solution (network_connection log source).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-02T22:16:23Z","date_published":"2026-04-02T22:16:23Z","id":"/briefs/2026-04-hirschmann-dos/","summary":"Hirschmann EagleSDV devices are vulnerable to denial-of-service (DoS) attacks where a device crash can be triggered by establishing TLS 1.0 or TLS 1.1 connections, leading to service disruption.","title":"Hirschmann EagleSDV Denial-of-Service Vulnerability (CVE-2022-4986)","url":"https://feed.craftedsignal.io/briefs/2026-04-hirschmann-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2022-4986","version":"https://jsonfeed.org/version/1.1"}