CVE-2026-46748
Received - Intake
Privilege Escalation via cap_dac_override in SINEC INS

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Siemens AG

Description
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access. This could allow a local attacker to escalate privileges leading to arbitrary file modification and gaining root privileges on the system.
Meta Information
Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-09
AI Q&A: 2026-06-09
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: siemens
Product: sinec_ins
Version / Range: to 1.0_sp2_update_6 (exc)
CWE
CWE ID: CWE-250
Description: The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Executive Summary

This vulnerability exists in SINEC INS versions earlier than V1.0 SP2 Update 6. It involves a binary configured with the cap_dac_override capability, which allows the process to bypass file system permission checks.

As a result, a local attacker can gain unrestricted access to the file system, enabling them to modify files arbitrarily and escalate their privileges to root on the system.

Impact Analysis

This vulnerability can allow a local attacker to escalate their privileges to root, giving them full control over the affected system.

With root privileges, the attacker can arbitrarily modify files, potentially leading to system compromise, data loss, or unauthorized access to sensitive information.

Compliance Impact

The vulnerability allows a local attacker to bypass file system permission checks and escalate privileges to root, enabling arbitrary file modification and unrestricted file system access.

Such unauthorized access and modification of files could lead to breaches of confidentiality, integrity, and availability of sensitive data, which are critical requirements in standards and regulations like GDPR and HIPAA.

Therefore, this vulnerability could negatively impact compliance with these regulations by exposing protected data to unauthorized access and modification.

Detection Guidance

This vulnerability involves a binary in SINEC INS configured with the cap_dac_override capability, which allows bypassing file system permission checks. To detect this on your system, you can check for binaries with the cap_dac_override capability set.

  • Use the command: getcap -r / 2>/dev/null | grep cap_dac_override
  • Alternatively, find the specific SINEC INS binary and check its capabilities with: getcap /path/to/binary
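
One way to triage that getcap output, as an added example that is not part of the advisory or of Siemens tooling: it reports only files whose permitted set includes cap_dac_override, counts "=ep" (all capabilities) as a hit, and accepts both getcap output styles. The sample paths, the function names and the script's own --scan argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: triage `getcap -r` output for files granting cap_dac_override.
# Reads getcap output on stdin and prints the path of every file whose
# *permitted* file capability set includes cap_dac_override.
# Assumption: paths contain no whitespace.
flag_dac_override() {
    awk '
    # Walk the capability text clause by clause, tracking the permitted (p)
    # flag for cap_dac_override. An empty name list or "all" means every cap.
    function grants_p(spec,    n, i, cl, k, names, acts, j, c, op, p) {
        p = 0
        n = split(spec, cl, /[ \t]+/)
        for (i = 1; i <= n; i++) {
            k = match(cl[i], /[+=-]/)
            if (!k) continue
            names = "," tolower(substr(cl[i], 1, k - 1)) ","
            if (names != ",," && names != ",all," &&
                !index(names, ",cap_dac_override,")) continue
            acts = substr(cl[i], k)           # e.g. "+ep" or "=eip"
            for (j = 1; j <= length(acts); j++) {
                c = substr(acts, j, 1)
                if (c == "p") p = (op != "-")
                else if (c ~ /[+=-]/) { op = c; if (c == "=") p = 0 }
            }
        }
        return p
    }
    {
        k = index($0, " = ")                  # older libcap: "path = caps"
        if (k) { path = substr($0, 1, k - 1); spec = substr($0, k + 3) }
        else   { path = $1; spec = substr($0, length($1) + 2) }  # newer style
        if (grants_p(spec)) print path
    }'
}

# Constructed sample input (not taken from a SINEC INS system).
sample_getcap_output() {
    cat <<'EOF'
/usr/bin/ping cap_net_raw=ep
/opt/example/bin/helper cap_dac_override=ep
/opt/example/bin/legacy = cap_dac_override,cap_chown+eip
/opt/example/bin/inherit cap_dac_override+i
/opt/example/bin/allcaps =ep
/opt/example/bin/dropped =ep cap_dac_override-ep
EOF
}

# Live scan only when asked for: sh script.sh --scan
if [ "${1:-}" = "--scan" ]; then
    getcap -r / 2>/dev/null | flag_dac_override
fi
```

On the constructed sample this reports helper, legacy and allcaps; the inheritable-only entry and the entry that drops cap_dac_override again are not reported.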

Monitoring for unusual file system access or privilege escalation attempts involving this binary may also help identify exploitation.

Mitigation Strategies

To mitigate this vulnerability, the recommended immediate step is to update SINEC INS to version V1.0 SP2 Update 6 or later, where this issue is resolved.

Until the update can be applied, restrict local access to the affected system to trusted users only, as exploiting the vulnerability requires local access.

Additionally, review and limit the use of the cap_dac_override capability on binaries to prevent unauthorized privilege escalation.
