Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

A local privilege escalation vulnerability has been discovered in Siemens SINEC NMS (CVE-2026-25655) that allows attackers with low-level code execution access to gain elevated system privileges. This high-severity flaw (CVSS 7.8) could enable attackers to take full control of affected systems after obtaining initial low-privileged access. Security teams should prioritize patching this vulnerability and restrict local code execution capabilities, particularly for users managing critical Siemens network management infrastructure.