| |
Vulnerability CVE-2024-36398
Published: 2024-08-13
| Description: |
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges. |
Type:
CWE-250 (Execution with Unnecessary Privileges)
References: |
https://cert-portal.siemens.com/productcert/html/ssa-784301.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
