SINEC NMS is a network management system from Siemens for monitoring and managing industrial networks. a code issue vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1. The vulnerability stems from the fact that the affected system allows the upload of JSON objects deserialized to JAVA objects, but the deserialization of user-supplied content is not secure. An attacker could exploit the vulnerability by sending specially serialized Java objects to execute arbitrary code on the device with root privileges.