Siemens SINEC INS Privilege Escalation Vulnerability Allowing Root Access

Vulnerability

A vulnerability exists in Siemens SINEC INS versions prior to V1.0 SP2 Update 6, in which a binary is granted the cap_dac_override capability. This capability lets any process running that binary bypass file system permission checks, giving it unrestricted access to the file system. A local attacker could exploit this to escalate privileges, modify arbitrary files, and potentially gain root access on the system.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a local attacker to gain root access on the system and modify files arbitrarily.

Remediation

Users are advised to update to Siemens SINEC INS version V1.0 SP2 Update 6 or later. For more information, visit the Siemens Industry Support page.
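
To check a Linux host for binaries that carry this capability, the following added example (not Siemens code and not part of the original advisory) filters `getcap -r` output for files with cap_dac_override in their permitted or effective set. The sample paths are constructed for illustration, and the two output layouts handled are those of older and newer libcap releases.

```shell
#!/bin/sh
# Added example: report files whose file capabilities include
# cap_dac_override in the permitted (p) or effective (e) set.
# Reads getcap-style lines on stdin, prints one matching path per line.
flag_dac_override() {
    awk '
    {
        n = NF; hit = 0
        # Walk capability clauses from the end of the line. A clause looks
        # like "cap_a,cap_b+ep" (older libcap) or "cap_a=ep" (newer libcap).
        while (n > 1 && $n ~ /^[a-z0-9_,]*[=+][eip]+$/) {
            split($n, parts, /[=+]/)
            # Inheritable-only (i) grants are skipped: they do not by
            # themselves put the capability in the permitted set.
            if (("," parts[1] ",") ~ /,cap_dac_override,/ && parts[2] ~ /[ep]/)
                hit = 1
            n--
        }
        if (!hit) next
        if ($n == "=") n--        # "PATH = CAPS" separator in older output
        path = $1
        for (i = 2; i <= n; i++) path = path " " $i
        print path
    }'
}

# Constructed sample input; these paths are illustrative, not from the advisory.
sample_getcap_output() {
    cat <<'EOF'
/usr/bin/ping cap_net_raw=ep
/opt/example/bin/helper cap_dac_override=ep
/opt/example/bin/legacy-tool = cap_net_bind_service,cap_dac_override+ep
/opt/example/bin/inherit-only cap_dac_override=i
EOF
}

# Demonstration on the constructed sample.
# On a real host: getcap -r / 2>/dev/null | flag_dac_override
sample_getcap_output | flag_dac_override
```

Any path this reports that is writable or executable by unprivileged users deserves review; `setcap -r PATH` removes the file capabilities from a binary that does not need them.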

Added: Jun 9, 2026, 10:28 AM
Updated: Jun 9, 2026, 10:28 AM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 2.5
exploitability: 3.5
remediation: 7.7
relevance: 9.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.