Web Vulnerabilities in SINEC NMS
Plan Patch | 8.8 | SSA-330339 | Sep 14, 2021
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Multiple web vulnerabilities in SINEC NMS versions prior to 1.0 SP1 include path traversal (CWE-22) and cross-site request forgery (CWE-352). The most severe vulnerability could allow an attacker to manipulate SINEC NMS configuration by tricking an administrator into clicking a malicious link.
What this means
What could happen
An attacker could trick an administrator into clicking a malicious link that changes SINEC NMS configuration settings, potentially altering network management policies or access controls for critical infrastructure monitoring and reporting.
Who's at risk
Network management operators and system administrators who use SINEC NMS to monitor and manage industrial networks, including those in utilities and manufacturing plants that rely on Siemens network management infrastructure.
How it could be exploited
An attacker crafts a malicious link (CSRF attack) and sends it to a SINEC NMS administrator. When the administrator clicks the link while logged in to SINEC NMS, the attacker's request executes in the admin's browser session without additional authentication, allowing unauthorized modification of NMS configuration.
Prerequisites
- Administrator must be logged into SINEC NMS web interface
- Administrator must click attacker-supplied malicious link
- SINEC NMS version prior to 1.0 SP1
remotely exploitable, low complexity, requires user interaction (admin click), affects network management and configuration
Exploitability
Moderate exploit probability (EPSS 2.3%)
Affected products (1)
| Product | Affected Versions | Fix Status |
|---|---|---|
| SINEC NMS | < V1.0 SP1 | 1.0 SP1 |
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update SINEC NMS to version 1.0 SP1 or later
CVEs (2)