CVE Catalog

CVE-2026-46748

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.04%

13th percentile - higher than 13% of all known CVEs

Summary

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6) that allows a local attacker to escalate privileges by bypassing file system permission checks.

Risk Assessment

An attacker could gain unrestricted access to the file system, leading to arbitrary file modification and gaining root privileges.

Recommendation

It is recommended to update the system to version V1.0 SP2 Update 6 or later to mitigate this vulnerability.

Original NVD description (English source)

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access. This could allow a local attacker to escalate privileges leading to arbitrary file modification and gaining root privileges on the system.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS