Risk Summary
Siemens SINEC NMS when used with User Management Component (UMC) contains an authentication bypass vulnerability due to insufficient validation of user identity. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application. Siemens has released a new version for SINEC NMS and recommends to update to the latest version.
CVEs (1)
Remediations
- Update to V4.0 SP3 or later version
Affected Vendors
Siemens
Affected Products (1)
Siemens
·
SINEC NMS
<V4.0_SP3_with_UMC
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more