Products

SIMATIC RTLS Locating Manager (6GT2780-0DA00)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-0DA10)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-0DA20)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-0DA30)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-1EA10)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-1EA20)

• < V3.0.1.1

SIMATIC RTLS Locating Manager (6GT2780-1EA30)

• < V3.0.1.1

SIMATIC RTLS Locating Manager

• All versions < V3.0.1.1

Source

productcert@siemens.com

Published : May 14, 2024, 4:17 p.m.
Last Modified : May 14, 2024, 7:17 p.m.

Description

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The affected application does not properly limit the size of specific logs. This could allow an unauthenticated remote attacker to exhaust system resources by creating a great number of log entries which could potentially lead to a denial of service condition. A successful exploitation requires the attacker to have access to specific SIMATIC RTLS Locating Manager Clients in the deployment.

References

URL	Source
https://cert-portal.siemens.com/productcert/html/ssa-093430.html	productcert@siemens.com