CVE-2026-46748
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk13th percentile - higher than 13% of all known CVEs
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6) that allows a local attacker to escalate privileges by bypassing file system permission checks.
Risk Assessment
An attacker could gain unrestricted access to the file system, leading to arbitrary file modification and gaining root privileges.
Recommendation
It is recommended to update the system to version V1.0 SP2 Update 6 or later to mitigate this vulnerability.
Original NVD description (English source)
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access. This could allow a local attacker to escalate privileges leading to arbitrary file modification and gaining root privileges on the system.

