CVE-2026-25654 | Siemens SINEC NMS up to 4.0 SP2 Password Reset authorization (ssa-605717)

Inserito da Angelo Barbosa | Apr 14, 2026 | CVE

A vulnerability was found in Siemens SINEC NMS up to 4.0 SP2. It has been classified as critical. This affects an unknown function of the component Password Reset Handler. The manipulation leads to authorization bypass.

This vulnerability is traded as CVE-2026-25654. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-25654 | Siemens SINEC NMS up to 4.0 SP2 Password Reset authorization (ssa-605717)

Post correlati

CVE-2023-38271 | IBM Cloud Pak System up to 2.3.3.7 iFix1 log file

CVE-2024-24972 | Gallagher Controller 6000/Controller 7000 Web Interface buffer overflow

CVE-2023-51522 | Cozmoslabs Paid Member Subscriptions Plugin up to 2.10.4 on WordPress cross-site request forgery

CVE-2025-6522 | TrendMakers Sight Bulb Pro Service Port 16668 command injection (icsa-25-177-02)