Siemens SIMATIC RTLS Locating Manager
Score: 5.5 | Source: ICS-CERT ICSA-21-315-11 | Published: Nov 9, 2021
Attack Vector: Local
Auth Required: Low (a standard local user account is sufficient)
Complexity: Low
User Interaction: None
Summary
SIMATIC RTLS Locating Manager before V2.12 contains multiple vulnerabilities caused by insufficient input validation and insecure data handling. A local attacker could use them to read sensitive data stored by the application or to trigger a denial-of-service condition that stops the service. The vulnerabilities affect the Windows-based management application of Siemens' real-time locating system; the attack vector is local, so the issues are not remotely exploitable.
What this means
What could happen
An attacker with local access to the RTLS Locating Manager server could read sensitive data from the application or cause it to stop functioning. Since this system manages real-time location tracking for equipment and personnel in industrial facilities, disruption could disable situational awareness and tracking capabilities.
Who's at risk
This affects organizations running Siemens SIMATIC RTLS (Real-Time Locating System) Locating Manager, which is used in manufacturing plants, warehouses, and other industrial facilities to track the movement of equipment and personnel. IT/OT personnel responsible for real-time location visibility systems should prioritize this update.
How it could be exploited
An attacker who can log on to the Windows server running SIMATIC RTLS Locating Manager, even with an unprivileged account, can abuse the insufficient input validation or insecure data handling to read sensitive information stored by the application or to crash the service. Because the attack vector is local, the attacker must already have a foothold on the server; the vulnerabilities cannot be reached over the network.
Prerequisites
- Local access to the Windows server running SIMATIC RTLS Locating Manager
- Low privilege user account on the system (no administrator rights required)
- SIMATIC RTLS Locating Manager version earlier than V2.12
Tags: Local access required for exploitation · Low complexity attack · Sensitive data exposure · Application availability impact
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
SIMATIC RTLS Locating Manager | < V2.12 | Fixed in V2.12
Remediation & Mitigation
Do now
- [Hardening] Restrict local system access to trusted persons only and avoid creating additional local accounts on the server.
- [Hardening] Enforce the least-privilege principle for every account that can log on to the system.

Schedule (requires a maintenance window)
Note: patching may require a reboot of the server; plan for the resulting interruption of location tracking.
- [Hotfix] Update SIMATIC RTLS Locating Manager to V2.12 or later.

Long-term hardening
- [Hardening] Apply security hardening of the Windows server per your corporate security policies or current hardening guidelines.
- [Hardening] Implement network access controls and firewall rules to limit which hosts and users can reach the RTLS Locating Manager server.
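As an added worked check (written for this page, not part of the advisory or of any Siemens tooling), the PowerShell below ties the "Do now" and "Schedule" items together: it looks up the installed version of SIMATIC RTLS Locating Manager, compares it numerically against the fixed version V2.12, and lists the enabled local accounts with their local-administrator status so the "restrict local access" mitigation can be verified. Two assumptions are baked in and marked in the code: that the product registers under the standard Windows Uninstall keys with a DisplayName containing "RTLS Locating Manager", and that its DisplayVersion looks like "2.11" or "V2.11". Adjust the pattern if your installation differs.

```powershell
# Added example, not from the advisory or from Siemens.
# Run in an elevated PowerShell session on the RTLS Locating Manager server.
#
# Assumptions (not stated by the advisory):
#   - the product appears under the Uninstall registry keys with a DisplayName
#     matching '*RTLS Locating Manager*'
#   - DisplayVersion is of the form "2.11", "V2.11" or "2.11.x"

$FixedVersion = [version]'2.12'   # from the advisory: fixed in V2.12

function Get-RtlsInstall {
    # Both the 64-bit and the 32-bit (WOW6432Node) Uninstall hives.
    $paths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*RTLS Locating Manager*' } |   # assumed pattern
        Select-Object DisplayName, DisplayVersion, InstallLocation
}

function Test-RtlsVulnerable {
    param([string]$DisplayVersion)
    # Drop a leading "V" and any trailing non-numeric suffix, then compare as
    # [version] so that 2.9 is correctly treated as older than 2.12 (a plain
    # string comparison would sort "2.9" after "2.12").
    $clean = ($DisplayVersion -replace '^[Vv]', '') -replace '[^0-9.].*$', ''
    $parsed = $null
    if (-not [version]::TryParse($clean, [ref]$parsed)) {
        # Unparseable version string: treat as unpatched rather than silently passing.
        return $true
    }
    return ($parsed -lt $FixedVersion)
}

function Get-LocalAccountReport {
    # Every local account, whether it is enabled, and whether it is a member of
    # the built-in Administrators group (well-known SID S-1-5-32-544).
    $adminSids = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue |
                 ForEach-Object { $_.SID.Value }
    Get-LocalUser | ForEach-Object {
        [pscustomobject]@{
            Name       = $_.Name
            Enabled    = $_.Enabled
            LocalAdmin = ($adminSids -contains $_.SID.Value)
            LastLogon  = $_.LastLogon
        }
    }
}

# --- Version check ("Schedule" item) ---
$installs = @(Get-RtlsInstall)
if ($installs.Count -eq 0) {
    Write-Output 'SIMATIC RTLS Locating Manager not found under the Uninstall keys; check the DisplayName pattern.'
} else {
    foreach ($i in $installs) {
        $state = if (Test-RtlsVulnerable $i.DisplayVersion) {
            'AFFECTED (older than V2.12): schedule the update'
        } else {
            'at or above fixed version V2.12'
        }
        Write-Output ('{0} {1}: {2}' -f $i.DisplayName, $i.DisplayVersion, $state)
    }
}

# --- Local account review ("Do now" items) ---
# Every enabled account here can reach the local attack surface; each one that is
# not strictly needed should be disabled, and LocalAdmin should be True only for
# accounts that genuinely administer the server.
Write-Output ''
Write-Output 'Enabled local accounts on this server:'
Get-LocalAccountReport | Where-Object Enabled | Format-Table -AutoSize
```

The version comparison deliberately fails closed: if the DisplayVersion cannot be parsed, the host is reported as affected so it is not dropped from the patch list by accident. The account report is a review aid, not an enforcement step; disabling accounts or removing administrator membership should still go through your normal change process.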