Products

SIMATIC RTLS Locating Manager (6GT2780-0DA00)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-0DA10)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-0DA20)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-0DA30)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-1EA10)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-1EA20)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-1EA30)

• < V3.0.1.1

Source

productcert@siemens.com

Published : May 14, 2024, 4:16 p.m.
Last Modified : May 14, 2024, 7:18 p.m.

Description

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The affected systems use symmetric cryptography with a hard-coded key to protect the communication between client and server. This could allow an unauthenticated remote attacker to compromise confidentiality and integrity of the communication and, subsequently, availability of the system. A successful exploit requires the attacker to gain knowledge of the hard-coded key and to be able to intercept the communication between client and server on the network.

References

URL	Source
https://cert-portal.siemens.com/productcert/html/ssa-093430.html	productcert@siemens.com