CVE-2024-33497

CVSS V2 None CVSS V3 None
Description
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected SIMATIC RTLS Locating Manager Track Viewer Client do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.
Overview
  • CVE ID
  • CVE-2024-33497
  • Assigner
  • siemens
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-05-14T10:03:01.146Z
  • Last Modified Date
  • 2024-06-11T14:20:42.140Z
History
Created Old Value New Value Data Type Notes
2024-06-26 05:19:48 Added to TrackCVE