Siemens SINEC NMS is a network management system (NMS) from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. The Siemens SINEC NMS suffers from an Incorrect Privilege Assignment vulnerability, which occurs when an affected application assigns incorrect access privileges to a specific folder containing executable files and libraries. An attacker could exploit the vulnerability to inject arbitrary code and elevate privileges.