Summary
Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions.
The following versions of Siemens SINEC NMS are affected:
- SINEC NMS: Versions prior to V4.0 SP2 (CVE-2026-25655)
- SINEC NMS: All Versions (CVE-2026-25656)
- User Management Component (UMC) vers:intdot/<2.15.2.1 (CVE-2026-25656)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 7.8 | Siemens | Siemens SINEC NMS | Uncontrolled Search Path Element |
Background
- Critical Infrastructure Sectors: Information Technology, Energy, Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Germany
Vulnerabilities
CVE-2026-25655
The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative privilege.(ZDI-CAN-28107)
Affected Products
Siemens SINEC NMS
Siemens
SINEC NMS
known_affected
Remediations
Vendor fix
Update to V4.0 SP2 or later version
Relevant CWE: CWE-427 Uncontrolled Search Path Element
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2026-25656
The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with SYSTEM privileges.(ZDI-CAN-28108)
Affected Products
Siemens SINEC NMS
Siemens
SINEC NMS, User Management Component (UMC)
known_affected
Remediations
Vendor fix
Update to V2.15.2.1 or later version
Vendor fix
Update UMC to V2.15.2.1 or later compatible version https://support.industry.siemens.com/cs/document/109996127/
Relevant CWE: CWE-427 Uncontrolled Search Path Element
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Acknowledgments
- Siemens ProductCERT reported these vulnerab
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.This article has been indexed from All CISA AdvisoriesRead the original article: