What is CVE-2024-14034?

CVE-2024-14034 is a critical-severity vulnerability in Belden Hirschmann Hieos Lrs11, classified under Improper Authentication. CVSS score: 9.8/10. Published 2026-04-02.

How severe is CVE-2024-14034?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Auth bypass in Belden Hirschmann Hieos Lrs11

CVE-2024-14034

Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTP…

Vulnerability class: Broken Authentication

EPSS: 0.000 (1.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Belden Hirschmann Hieos Lrs11 — versions 0

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

Belden Security Bulletins (vendor-advisory)
www.vulncheck.com/advisories/hirschmann-hieos-authentication-bypass-via-http-ma… (third-party-advisory)

Frequently asked questions

What is CVE-2024-14034?: CVE-2024-14034 is a critical-severity vulnerability in Belden Hirschmann Hieos Lrs11, classified under Improper Authentication. CVSS score: 9.8/10. Published 2026-04-02.
How severe is CVE-2024-14034?: Critical severity. CVSS v3 base score is 9.8 out of 10.