Lucene search
China National Vulnerability DatabaseCNVD-2021-77592HistoryOct 13, 2021 - 12:00 a.m.
Siemens SINEC NMS SQL Injection Vulnerability (CNVD-2021-77592)
2021-10-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
siemens
sinec nms
sql injection
network management
industrial networks
vulnerability
firmware containers
authenticated attacker
local database
arbitrary commands
EPSS
0.001
Percentile
45.1%
SINEC NMS is a network management system from Siemens for monitoring and managing industrial networks.A SQL injection vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1, which could be exploited by an authenticated attacker to import firmware containers into the affected system and execute arbitrary commands in the local database.
Related
cvelist
cvelist
CVE-2021-33729
2021-10-12 09:49:29
prion
prion
Command injection
2021-10-12 10:15:00
nvd
nvd
CVE-2021-33729
2021-10-12 10:15:12
cve
cve
CVE-2021-33729
2021-10-12 10:15:12
thn
thn
Over a Dozen Flaws Found in Siemens' Industrial Network Management System
2022-06-18 06:29:00
ics
ics
Siemens SINEC NMS
2021-10-14 12:00:00
nessus
nessus
Siemens SINEC NMS < V1.0 SP2 Update 1 Multiple Vulnerabilities
2022-07-05 00:00:00