High severity7.3NVD Advisory· Published Apr 14, 2026· Updated Apr 17, 2026
CVE-2026-24032
CVE-2026-24032
Description
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3 with UMC). The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application. (ZDI-CAN-27564)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: < V4.0 SP3 with UMC
Patches
Vulnerability mechanics
References
1News mentions
2- ZDI-26-298: Siemens SINEC NMS Authentication Bypass VulnerabilityZero Day Initiative · Apr 23, 2026
- Siemens SINEC NMSCISA Alerts