ZDI-26-297: Siemens SINEC NMS Improper Authentication Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Siemens SINEC NMS. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-25654.
ORIGINAL SOURCE →via Zero Day Initiative
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface
- [CYBER] Mullvad VPN Creates iOS Master Switch to Protect Users From Data Leaks
- [CYBER] CVE-2026-29197 - Apache Apps Engine Log Information Disclosure Vulnerability
- [CYBER] CVE-2026-6732 - Libxml2: libxml2: denial of service via crafted xsd-validated document
- [CYBER] Anthropic CVP Run 3 — Does Claude's Safety Stack Scale Down to Haiku 4.5?
- [CYBER] DeFi bleeds $7B in a day after $290M exploit – Layer Zero calls it another Lazarus hit - MSN