Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Simatic_rtls_locating_manager
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-11-09 | CVE-2020-10052 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as usernames and passwords in log files. A local attacker with access to the log files could use this information to launch further attacks. | Simatic_rtls_locating_manager | 5.5 | ||
| 2021-11-09 | CVE-2020-10053 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials in configuration files. A local attacker with access to the configuration files could use this information to launch further attacks. | Simatic_rtls_locating_manager | 5.5 | ||
| 2021-11-09 | CVE-2020-10054 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application does not properly handle the import of large configuration files. A local attacker could import a specially crafted file which could lead to a denial-of-service condition of the application service. | Simatic_rtls_locating_manager | 5.5 | ||
| 2020-09-09 | CVE-2020-10051 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to inject arbitrary commands that are execeuted instead of the legitimate service. | Simatic_rtls_locating_manager | N/A | ||
| 2020-09-09 | CVE-2020-10050 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The directory of service executables of the affected application could allow a local attacker to include arbitrary commands that are executed with SYSTEM privileges when the system restarts. | Simatic_rtls_locating_manager | N/A | ||
| 2020-09-09 | CVE-2020-10049 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system administrators. | Simatic_rtls_locating_manager | N/A |