CVE 8.8 HIGH

CVE-2026-46748_CVE-2026-46748

June 9, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access. This could allow a local attacker to escalate privileges leading to arbitrary file modification and gaining root privileges on the system.

AI Analysis

Privilege escalation vulnerability in SINEC INS due to unrestricted file system access

Basic Information

ID CVE-2026-46748

Source siemens

Published Jun 9, 2026 at 08:46

Affected Product

Vendor Siemens

Product SINEC INS

Affected Versions Siemens SINEC INS 0

CWE Classification

CWE-250

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Siemens

Product SINEC INS

Version All versions < V1.0 SP2 Update 6

References

cert-portal.siemens.com /productcert/html/ssa-860189.html

{
    "lastseen": "",
    "description": "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access. This could allow a local attacker to escalate privileges leading to arbitrary file modification and gaining root privileges on the system.",
    "published": "2026-06-09T08:46:55.902Z",
    "modified": "2026-06-09T08:46:55.902Z",
    "type": "cve",
    "title": "CVE-2026-46748",
    "source": "siemens",
    "references": "https://cert-portal.siemens.com/productcert/html/ssa-860189.html",
    "id": "CVE-2026-46748",
    "bulletinFamily": "",
    "cwe": [
        "CWE-250"
    ],
    "cvelist": null,
    "sourceData": "Siemens SINEC INS 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SINEC INS",
    "version": "0",
    "vendor": "Siemens",
    "ai_description": "Privilege escalation vulnerability in SINEC INS due to unrestricted file system access",
    "ai_severity": "High",
    "ai_vendor": "Siemens",
    "ai_product": "SINEC INS",
    "ai_version": "All versions < V1.0 SP2 Update 6",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply