Siemens Sinec Nms
57 CVEs affecting Siemens Sinec Nms. Latest disclosed: 2026-04-14. Critical: 4, High: 29.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-40736 | Critical | 9.8 | 2025-07-08 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification o… |
CVE-2024-49775 | Critical | 9.8 | 2024-12-16 | A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Opcenter Intelligence (All versions < V2501.0001), Opcenter Q… |
CVE-2024-33698 | Critical | 9.8 | 2024-09-10 | A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMA… |
CVE-2024-41940 | Critical | 9.1 | 2024-08-13 | A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a privileged command… |
CVE-2026-25654 | High | 8.8 | 2026-04-14 | A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3). Affected products do not properly validate user authorization when processing passw… |
CVE-2025-40755 | High | 8.8 | 2025-10-14 | A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP1). Affected applications are vulnerable to SQL injection through getTotalAndFilterCoun… |
CVE-2025-40738 | High | 8.8 | 2025-07-08 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded… |
CVE-2025-40737 | High | 8.8 | 2025-07-08 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded… |
CVE-2025-40735 | High | 8.8 | 2025-07-08 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vulnerable to SQL injection. This could allow an unauthenticat… |
CVE-2024-41939 | High | 8.8 | 2024-08-13 | A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could all… |
CVE-2024-23811 | High | 8.8 | 2024-02-13 | A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application allows users to upload arbitrary files via TFTP. This coul… |
CVE-2024-23810 | High | 8.8 | 2024-02-13 | A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application is vulnerable to SQL injection. This could allow an unauth… |
CVE-2024-47808 | High | 8.4 | 2024-11-12 | A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restr… |
CVE-2024-23812 | High | 8.0 | 2024-02-13 | A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application incorrectly neutralizes special elements when creating a r… |
CVE-2026-25656 | High | 7.8 | 2026-02-10 | A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3), User Management Component (UMC) (All versions < V2.15.2.1). The affected applicatio… |
CVE-2026-25655 | High | 7.8 | 2026-02-10 | A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected application permits improper modification of a configuration file by a… |
CVE-2025-30033 | High | 7.8 | 2025-08-12 | The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an applicat… |
CVE-2024-36398 | High | 7.8 | 2024-08-13 | A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. Th… |
CVE-2022-30527 | High | 7.8 | 2023-10-10 | A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application assigns improper access rights to specific folders containing… |
CVE-2024-31978 | High | 7.6 | 2024-04-09 | A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP2). Affected devices allow authenticated users to export monitoring data. The correspon… |