ICS: Siemens SINEC NMS Vulnerability

Severity

High

Analysis Summary

CVE-2024-36398

Siemens SINEC NMS could allow a local authenticated to gain elevated privileges on the system. The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. An attacker could exploit this vulnerability to execute operating system commands with elevated privileges.

Impact

Privilege Escalation

Indicators of Compromise

CVE

CVE-2024-36398

Affected Vendors

Siemens

Affected Products

Siemens SINEC NMS - 2.0

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.

Siemens Security Advisory

Multiple SAP Products Vulnerabilities

Multiple Microsoft Products Zero-Day Vulnerabilities Exploit in the Wild

ICS: Siemens SINEC NMS Vulnerability

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan