A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local malicious user to inject arbitrary commands that are execeuted instead of the legitimate service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens simatic rtls locating manager |