CVE-2020-10050

Summary

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The directory of service executables of the affected application could allow a local attacker to include arbitrary commands that are executed with SYSTEM privileges when the system restarts.

Affected Software

VendorProductVersion RangeStatus
Siemens AGSIMATIC RTLS Locating ManagerAll versions < V2.10.2affected

Weaknesses

  • CWE-276: CWE-276: Incorrect Default Permissions

ADP Enrichment

CVE Program Container

Additional References

References