How severe is CVE-2020-10051?

CVE-2020-10051 has a CVSS v3 score of 7.8 (HIGH).

CVE-2020-10051

Name: simatic_rtls_locating_manager
Author: siemens

7.8HIGH

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is

Publicado: 9/9/2020Actualizado: 11/21/2024

Descripción

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to inject arbitrary commands that are execeuted instead of the legitimate service.

Análisis IAImpulsado por IA

Productos Afectados

siemenssimatic_rtls_locating_manager

Referencias

https://cert-portal.siemens.com/productcert/pdf/ssa-251935.pdf
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-251935.pdf
Vendor Advisory