CVE-2026-25656
HIGH 7.8A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user.
This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with SYSTEM privileges.(ZDI-CAN-28108)
Affected Applications in Environment
4
Solid Edge
v224.00.00.101
17 devices
Solid Edge
v224.00.00101
39 devices
Solid Edge
v221.00.00114
5 devices
Solid Edge
v222.00.00132
4 devices
Affected Devices
48
ASPIRE-166880
Windows
ASPIRE-170762
Windows
ASPIRE-170796
Windows
ASPIRE-170803
Windows
ASPIRE-170814
Windows
ASPIRE-170816
Windows
ASPIRE-170819
Windows
ASPIRE-170822
Windows
ASPIRE-170824
Windows
ASPIRE-170828
Windows
ASPIRE-170832
Windows
ASPIRE-170833
Windows
ASPIRE-170835
Windows
ASPIRE-170837
Windows
ASPIRE-170838
Windows
ASPIRE-170840
Windows
ASPIRE-170841
Windows
CTERAZER2301
Windows
DPAERC-D4480JZ4
Windows
DPAERC-D4480JZ7
Windows
DPAERC-D4480JZN
Windows
DPAERC-D4480JZQ
Windows
DPAERC-D4480JZR
Windows
DPAERC-D4480PQ5
Windows
DPENGR-L1283ZH5
Windows
UPEL-00077
Windows
UPEL-170783
Windows
UPEL-170784
Windows
UPEL-170789
Windows
UPEL-182574
Windows
UPEL-187299
Windows
UPEL-P00073
Windows
UPEL-P00076
Windows
UPEL-P00098
Windows
UPEL-P00109
Windows
UPEL-P00110
Windows
UPEL-P00113
Windows
UPEL-P00121
Windows
UPEL-P00134
Windows
UPEL-P00135
Windows
UPEL-P00139
Windows
UPEL-P00141
Windows
UPEL-P00147
Windows
UPEL-P00154
Windows
UPEL-P00157
Windows
UPEL-P00158
Windows
UPEL-P00163
Windows
UPEL-P00173
Windows