Siemens Simatic Rtls Locating Manager vulnerabilities

CVE-2025-40746 [CRITICAL] CWE-20 CVE-2025-40746: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges.

CVE-2025-40751 [MEDIUM] CWE-522 CVE-2025-40751: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights fro

CVE-2025-30034 [MEDIUM] CWE-617 CVE-2025-30034: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition.

CVE-2024-33499 [CRITICAL] CWE-732 CVE-2024-33499: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locat

CVE-2024-30207 [CRITICAL] CWE-321 CVE-2024-30207: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locat

CVE-2024-30209 [CRITICAL] CWE-319 CVE-2024-30209: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locat

CVE-2024-30206 [HIGH] CWE-494 CVE-2024-30206: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating

CVE-2024-33495 [HIGH] CWE-770 CVE-2024-33495: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating

CVE-2024-33497 [MEDIUM] CWE-522 CVE-2024-33497: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locatin

CVE-2024-33494 [MEDIUM] CWE-345 CVE-2024-33494: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locatin

CVE-2024-33496 [MEDIUM] CWE-522 CVE-2024-33496: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locatin

CVE-2024-33583 [MEDIUM] CWE-912 CVE-2024-33583: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locatin

CVE-2024-30208 [MEDIUM] CWE-732 CVE-2024-30208: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locatin

CVE-2024-33498 [MEDIUM] CWE-400 CVE-2024-33498: A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locatin

CVE-2020-10052 [MEDIUM] CWE-532 CVE-2020-10052: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The aff A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as usernames and passwords in log files. A local attacker with access to the log files could use this information to launch further attacks.

CVE-2020-10053 [MEDIUM] CWE-312 CVE-2020-10053: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The aff A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials in configuration files. A local attacker with access to the configuration files could use this information to launch further attacks.

CVE-2020-10054 [MEDIUM] CWE-20 CVE-2020-10054: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The aff A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application does not properly handle the import of large configuration files. A local attacker could import a specially crafted file which could lead to a denial-of-service condition of the application service.

CVE-2020-10051 [HIGH] CWE-428 CVE-2020-10051: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multi A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to inject arbitrary commands that are execeuted instead of the legitimate service.

CVE-2020-10050 [HIGH] CWE-276 CVE-2020-10050: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The d A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The directory of service executables of the affected application could allow a local attacker to include arbitrary commands that are executed with SYSTEM privileges when the system restarts.

CVE-2020-10049 [HIGH] CWE-276 CVE-2020-10049: A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The s A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system administrators.