216.73.217.52

CVE-2026-46748

· Published 09/06/2026 10:16 · Modified 09/06/2026 13:49

Labels: CVE-2026-46748 2026-06-09CVE-2026-46748CWE-250[email protected]

Essential information

Published
09/06/2026 10:16
Modified
09/06/2026 13:49
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access. This could allow a local attacker to escalate privileges leading to arbitrary file modification and gaining root privileges on the system.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
siemens / sinec ins cpe:2.3:a:siemens:sinec_ins:<1.0:sp2:update6:*:*:*:*:*:*

References