CVE-2026-25656

High CVSS: 8.5

A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user.
This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with SYSTEM privileges.(ZDI-CAN-28108)

Vendor

Siemens

Product

Sinec Nms

CWE

CWE-427

Yayın Tarihi

2026-02-10 10:15:59

Güncelleme

2026-02-12 15:25:45

Source Identifier

productcert@siemens.com

KEV Date Added

Kategoriler

CWE-427 Sinec Nms HIGH Siemens 2026

Referanslar

https://cert-portal.siemens.com/productcert/html/ssa-311973.html

Benzer Kayıtlar

Medium

CVE-2026-27661

A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application leaks co…

Medium

CVE-2026-25571

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK client component doe…

Medium

CVE-2026-25572

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component doe…

High

CVE-2026-25573

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application builds shell co…

Medium

CVE-2026-25605

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application performs file d…

High

CVE-2026-25569

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). An out-of-bounds write vulnerability exi…