CNNVD-202507-920 Information

CNNVD ID

CNNVD-202507-920

Related CVE

CVE-2025-40735

• CNNVD Published: 2025-07-08

Description (Chinese)

Siemens SINEC NMS是德国西门子（Siemens）公司的 一个网络管理系统 (NMS)，该系统可用于全天候集中监控、管理和配置具有数万台设备的工业网络，包括与安全相关的领域。 Siemens SINEC NMS V4.0之前版本存在SQL注入漏洞，该漏洞源于SQL注入，可能导致执行任意SQL查询。

Description (English)

Siemens SINEEC NMS is a network management system (NMS) of Siemens, a German company that can be used to centrally monitor, manage and configure industrial networks with tens of thousands of equipment around the clock, including in security-related areas. The previous version of Siemens SINAC NMS V4.0 had an SQL injection loophole, which originated in the SQL injection and could lead to the execution of any SQL queries.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

西门子

Published

2025-07-08

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-078892.html https://nvd.nist.gov/vuln/detail/CVE-2025-40735

Patch

https://support.industry.siemens.com/cs/document/109989514/download-and-sales-and-delivery-release-for-the-product-sinec-nms-v4-0?lc=en-ww