A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.
Metrics
Affected Vendors & Products
References
History
Wed, 14 Aug 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-Other |
Tue, 13 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Siemens
Siemens sinec Nms |
|
CPEs | cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Siemens
Siemens sinec Nms |
|
Metrics |
ssvc
|
Tue, 13 Aug 2024 08:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges. | |
Weaknesses | CWE-250 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-08-13T07:54:08.979Z
Updated: 2024-08-13T13:26:17.671Z
Reserved: 2024-05-27T13:41:04.358Z
Link: CVE-2024-36398
Vulnrichment
Updated: 2024-08-13T13:26:11.228Z
NVD
Status : Analyzed
Published: 2024-08-13T08:15:10.540
Modified: 2024-08-14T18:34:45.950
Link: CVE-2024-36398
Redhat
No data.