Siemens SIMATIC RTLS Locating Manager

MonitorCVSS 6.3ICS-CERT ICSA-25-226-01Aug 12, 2025

Siemens

Attack path

Attack VectorLocal

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

SIMATIC RTLS Locating Manager versions prior to 3.3 contain privilege escalation vulnerabilities (CWE-617, CWE-522) that allow a local user with valid credentials to execute code with elevated privileges. The vulnerabilities are not remotely exploitable and require prior authentication. No public exploitation has been reported.

What this means

What could happen

An attacker with local access to the SIMATIC RTLS Locating Manager could execute arbitrary code with elevated privileges, potentially allowing them to alter real-time location data or disrupt the RTLS infrastructure used for asset tracking in your facility.

Who's at risk

Real-time location system (RTLS) operators and asset tracking administrators who rely on Siemens SIMATIC RTLS Locating Manager to track equipment and personnel in manufacturing plants, warehouses, hospitals, or logistics facilities.

How it could be exploited

An attacker must first gain local access to the SIMATIC RTLS Locating Manager server (physical console, shared network drive, or local service execution) with low-privilege user credentials. Once authenticated, they can exploit the underlying vulnerability to escalate privileges and execute commands that affect RTLS operations.

Prerequisites

Local system access (console, SSH, or remote desktop) to the SIMATIC RTLS Locating Manager server
Valid local user account credentials (low-privilege account is sufficient)

Local access requiredLow exploitation complexityAffects location tracking and asset visibility

Exploitability

Unlikely to be exploited — EPSS score 0.0%

Affected products (1)

ProductAffected VersionsFix Status

SIMATIC RTLS Locating Manager< 3.33.3

Remediation & Mitigation

0/3

Do now

0/2

HARDENINGRestrict network and local access to SIMATIC RTLS Locating Manager to authorized engineering and operations staff only

HARDENINGImplement firewall rules to ensure the SIMATIC RTLS Locating Manager is not accessible from the internet or untrusted networks

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SIMATIC RTLS Locating Manager to version 3.3 or later

CVEs (2)

CVE-2025-30034 CVE-2025-40751

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/587b8e72-5951-4207-b4cb-3b6331fedc52

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.