CNNVD-202507-924 Information
CNNVD ID
CNNVD-202507-924
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Siemens SINEC NMS是德国西门子(Siemens)公司的 一个网络管理系统 (NMS),该系统可用于全天候集中监控、管理和配置具有数万台设备的工业网络,包括与安全相关的领域。 Siemens SINEC NMS V4.0之前版本存在访问控制错误漏洞,该漏洞源于未授权修改管理凭据,可能导致重置超级管理员密码。
Description (English)
Siemens SINEEC NMS is a network management system (NMS) of Siemens, a German company that can be used to centrally monitor, manage and configure industrial networks with tens of thousands of equipment around the clock, including in security-related areas. The previous version of Siemens SINAC NMS V4.0 had a bug in access control, which stemmed from the lack of authorization to change management certificates and could lead to the resetting of supermanage passwords.
Hazard Level
Low
Vulnerability Type
访问控制错误
Affected Vendor
西门子
Published
2025-07-08
Last Modified
2026-02-24
References
https://cert-portal.siemens.com/productcert/html/ssa-078892.html https://nvd.nist.gov/vuln/detail/CVE-2025-40736