CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-25655

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative privilege.(ZDI-CAN-28107)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.3%

CVSS Severity

CVSS v3 Score 7.8

References

https://cert-portal.siemens.com/productcert/html/ssa-311973.html

Products affected by CVE-2026-25655

Siemens » Sinec Nms » Version: N/A

cpe:2.3:a:siemens:sinec_nms:-
Siemens » Sinec Nms » Version: 1.0

cpe:2.3:a:siemens:sinec_nms:1.0
Siemens » Sinec Nms » Version: 1.0.3

cpe:2.3:a:siemens:sinec_nms:1.0.3
Siemens » Sinec Nms » Version: 2.0

cpe:2.3:a:siemens:sinec_nms:2.0
Siemens » Sinec Nms » Version: 3.0

cpe:2.3:a:siemens:sinec_nms:3.0
Siemens » Sinec Nms » Version: 4.0

cpe:2.3:a:siemens:sinec_nms:4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-25655

Products

Pricing

Contact Us