Information Disclosure in SINEC Security Monitor by Siemens
CVE-2026-27661

5.3MEDIUM

Key Information:

Vendor: Siemens
Status: Sinec Security Monitor
Vendor: CVE Published:; 10 March 2026

What is CVE-2026-27661?

A vulnerability has been identified in SINEC Security Monitor that allows the unauthorized disclosure of sensitive information. The affected versions before V4.9.0 leak confidential data through metadata, exposing details such as contributor information and email addresses on the SSM Server. This could lead to potential exploitation of the leaked data, which emphasizes the importance of upgrading to the latest version to mitigate risks.

Affected Version(s)

SINEC Security Monitor 0

References

https://cert-portal.siemens.com/productcert/html/ssa-4304...

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Feb 23, 2026

CVE-2026-27661 Data

JSON