CNNVD-202602-1640 Information

Feb 10, 2026 cve

CNNVD ID

CNNVD-202602-1640

CVE-2026-25655

CNNVD Published: 2026-02-10

Description (Chinese)

Siemens SINEC NMS是德国西门子（Siemens）公司的一个网络管理系统 (NMS)，该系统可用于全天候集中监控、管理和配置具有数万台设备的工业网络，包括与安全相关的领域。 Siemens SINEC NMS V4.0 SP2之前版本存在代码问题漏洞，该漏洞源于低权限用户可不当修改配置文件，可能导致加载恶意DLL并执行任意代码。

Description (English)

Siemens SINEEC NMS is a network management system (NMS) of Siemens, a German company that can be used to centrally monitor, manage and configure industrial networks with tens of thousands of equipment around the clock, including in security-related areas. Siemens SINAC NMS V4.0 Sp2 had a code gap, which stemmed from the fact that low-licensed users could inappropriately modify the configuration file and could lead to the loading of malicious DLLs and the implementation of any code.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

西门子

Published

2026-02-10

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-311973.html https://access.redhat.com/security/cve/cve-2026-25655

Patch

https://cert-portal.siemens.com/productcert/html/ssa-311973.html

Share on: