Описание
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The directory of service executables of the affected application could allow a local attacker to include arbitrary commands that are executed with SYSTEM privileges when the system restarts.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.10.2 (исключая)
cpe:2.3:a:siemens:simatic_rtls_locating_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00034
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-276
CWE-276
Связанные уязвимости
github
больше 3 лет назад
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The directory of service executables of the affected application could allow a local attacker to include arbitrary commands that are executed with SYSTEM privileges when the system restarts.
EPSS
Процентиль: 9%
0.00034
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-276
CWE-276