SINEC INS (Infrastructure Network Services) is a web-based application that combines various network services in one tool. This simplifies the installation and management of all network services associated with industrial networks. Siemens SINEC INS suffers from a Certificate Validation Improperity vulnerability, which is due to the affected product failing to properly validate the certificate of the configured UMC server. An attacker could exploit the vulnerability to be able to intercept credentials sent to the UMC server and manipulate the response to escalate privileges.