A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.
References
Configurations
No configuration.
History
21 Nov 2024, 09:17
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert-portal.siemens.com/productcert/html/ssa-093430.html - |
11 Jun 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
14 May 2024, 16:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-14 16:17
Updated : 2024-11-21 09:17
NVD link : CVE-2024-33496
Mitre link : CVE-2024-33496
CVE.ORG link : CVE-2024-33496
JSON object : View
Products Affected
No product.
CWE
CWE-522
Insufficiently Protected Credentials