SQL Injection Vulnerability in SINEC NMS
Plan Patch8.8SSA-318832Oct 14, 2025
Attack VectorNetwork
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary
SINEC NMS contains a SQL injection vulnerability in all versions before V4.0 SP1. An authenticated attacker with low-level privileges could insert malicious SQL commands through user input to escalate their access rights and potentially modify network configuration or managed systems. Siemens has released version 4.0 SP1 which corrects this issue.
What this means
What could happen
An authenticated attacker with low-level privileges could inject SQL commands into SINEC NMS to escalate their access rights and potentially modify network management configuration or data affecting connected devices.
Who's at risk
Operators of networked infrastructure using SINEC NMS for network and device management, including utilities and industrial facilities managing Siemens network devices and SCADA systems.
How it could be exploited
An attacker with valid login credentials to SINEC NMS could input malicious SQL code through an unprotected input field. The application would execute this code directly against its database, allowing the attacker to bypass authentication controls and gain higher privileges needed to manage network settings.
Prerequisites
- Valid SINEC NMS user account with low-level privileges
- Network access to SINEC NMS web interface or API
- SINEC NMS version earlier than 4.0 SP1
Requires valid credentialsAllows privilege escalationAffects network management system
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
SINEC NMSAll versions < V4.0 SP14.0 SP1
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate SINEC NMS to version 4.0 SP1 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/fb892088-dace-461f-ab96-c66f5170d786