Risk Summary
SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account. Siemens has released a new version for SINEC NMS and recommends to update to the latest version.
CVEs (1)
Remediations
- Limit network access to trusted users and systems only
- Update to V4.0 SP3 or later version
Affected Vendors
Siemens
Affected Products (1)
Siemens
·
SINEC NMS
<V4.0_SP3
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more