Security Advisory

CVE-2026-25656

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-10 09:58:55

Last updated 2026-04-14 08:40:44

Assigner siemens

State PUBLISHED

Description

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with SYSTEM privileges.(ZDI-CAN-28108)

← Browse all CVEs View on cve.org ↗