Sinec ins
This hub aggregates every CVE we track for Sinec ins, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
28
CVEs tracked
3
Critical
12
High
0
In CISA KEV
Severity distribution
HIGH12MEDIUM10LOW3CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
4
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Sinec ins.
- CVE-2026-46749A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application uses a password hashing implementation with a static, hardcoded salt shared across all ...7.5
- CVE-2026-46748A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability a...8.8
- CVE-2026-46747A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application does not properly sanitize path input in the `GET /api/sftp/uploadFiles` endpoint used ...4.3
- CVE-2026-46746A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The application does not properly sanitize user input in the /api/sftp/uploadFiles endpoint, allowing the inject...8.8
- CVE-2023-48431A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate the response received by an UMC server. An attacker can use this t...6.8
- CVE-2023-48430A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a ma...2.7
- CVE-2023-48429A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a mali...2.7
- CVE-2023-48428A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malici...7.2
- CVE-2023-48427A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. This could allow an att...8.1
- CVE-2021-25220DNS forwarders - cache poisoning vulnerability6.8
- CVE-2022-0396DoS from specifically crafted TCP packets5.3
- CVE-2021-4160BN_mod_exp may produce incorrect results on MIPS5.9
- CVE-2022-0235Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch6.1
- CVE-2022-0155Exposure of Private Personal Information to an Unauthorized Actor in follow-redirects/follow-redirects6.5
- CVE-2020-27304The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request...9.8
Product normalization is registry-driven with AI assist and human review. How it works