How severe is CVE-2020-10051?

CVE-2020-10051 has a CVSS v3 score of 7.8 (HIGH).

CVE-2020-10051

Name: simatic_rtls_locating_manager
Author: siemens

7.8HIGH

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is

发布于: 9/9/2020更新于: 11/21/2024

描述

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to inject arbitrary commands that are execeuted instead of the legitimate service.

AI分析AI驱动

受影响产品

siemenssimatic_rtls_locating_manager

参考资料

https://cert-portal.siemens.com/productcert/pdf/ssa-251935.pdf
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-251935.pdf
Vendor Advisory