Siemens SINEC INS < V1.0 SP2 Update 6 Priv Esc via cap_dac_override
CVE-2026-46748 Published on June 9, 2026

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access. This could allow a local attacker to escalate privileges leading to arbitrary file modification and gaining root privileges on the system.

NVD

Weakness Type

Execution with Unnecessary Privileges

The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

Products Associated with CVE-2026-46748

Want to know whenever a new CVE is published for Siemens Sinec Ins? stack.watch will email you.

Siemens Sinec Ins

Affected Versions

Siemens SINEC INS:

Before V1.0 SP2 Update 6 is affected.

Siemens SINEC INS < V1.0 SP2 Update 6 Priv Esc via cap_dac_overrideCVE-2026-46748 Published on June 9, 2026

Weakness Type

Execution with Unnecessary Privileges

Products Associated with CVE-2026-46748

Affected Versions

Siemens SINEC INS < V1.0 SP2 Update 6 Priv Esc via cap_dac_override
CVE-2026-46748 Published on June 9, 2026