SINEC NMS is a network management system from Siemens for monitoring and managing industrial networks.A user profile change vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1. The vulnerability can be exploited by an attacker to change the user profile of any user without proper authorization, which could change the password of any user on the affected system.