Vulnerability CVE-2024-36398


Published: 2024-08-13

Description:
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.

Type:

CWE-250

(Execution with Unnecessary Privileges)

 References:
https://cert-portal.siemens.com/productcert/html/ssa-784301.html

Copyright 2024, cxsecurity.com

 

Back to Top