CISA 2026-04-21

Siemens SINEC NMS

CVE-2026-25654

Machine-generated analysis · WAYSCloud LLM

An authenticated attacker can reset any user's password in SINEC NMS by bypassing authorization checks. The advisory notes deployment in critical manufacturing environments worldwide.

Context

Siemens SINEC NMS is a network management system. The advisory states that an authenticated remote attacker can bypass authorization checks and reset any user account password. The vulnerability is assigned CVSS 8.8 and is noted to affect critical manufacturing sectors.

Operator considerations

Check: Inventory all SINEC NMS instances for versions before V4.0 SP3
Isolate: Restrict network access to trusted users and systems only
Patch: Update to V4.0 SP3 or later

From Cybersecurity and Infrastructure Security Agency ↗

SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account. Siemens has released a new version for SINEC NMS and recommends to update to the latest version.

The following versions of Siemens SINEC NMS are affected:

SINEC NMS

Vendor

Equipment

Siemens

Siemens SINEC NMS

Authorization Bypass Through User-Controlled Key

Critical Infrastructure Sectors: Critical Manufacturing

Countries/Areas Deployed: Worldwide

Company Headquarters Location: Germany

Affected products do not properly validate user authorization when processing password reset requests. This could allow an authenticated remote attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account.

Siemens SINEC NMS

Mitigat...

Read the full advisory on CISA →