all InfoSec news
SSA-250085 V1.2 (Last Update: 2023-03-14): Multiple Vulnerabilities in SINEC NMS and SINEMA Server
Siemens ProductCERT Security Advisories cert-portal.siemens.com
SINEC NMS and SINEMA Server V14 contains multiple vulnerabilities that could allow an attacker to execute arbitrary code on the system, arbitrary commands on the local database or achieve privilege escalation.
Siemens has released an update for SINEC NMS to fix CVE-2022-24281 and recommends to update to the latest version. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.
arbitrary code attacker code cve database escalation fix local nms privilege privilege escalation server siemens sinec ssa system update vulnerabilities