CVE-2020-10049

Summary

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system administrators.

Affected Software

VendorProductVersion RangeStatus
Siemens AGSIMATIC RTLS Locating ManagerAll versions < V2.10.2affected

Weaknesses

  • CWE-276: CWE-276: Incorrect Default Permissions

ADP Enrichment

CVE Program Container

Additional References

References