Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V2.12
Monitor | 5.5 | SSA-145157 | Nov 9, 2021
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
SIMATIC RTLS Locating Manager before V2.12 contains multiple vulnerabilities (CWE-532: insertion of sensitive information into log file, CWE-312: cleartext storage of sensitive information, CWE-20: improper input validation) that could allow an attacker with local access to read sensitive data or trigger a denial-of-service condition of the application service.
What this means
What could happen
An attacker with local access to the Locating Manager workstation could read sensitive information from logs or memory, or crash the application, disrupting real-time location tracking of RTLS tags in the facility.
Who's at risk
This affects facilities using Siemens SIMATIC RTLS (Real-Time Locating System) for personnel, asset, or equipment tracking. Impacted organizations include manufacturing plants, warehouses, healthcare facilities, and utilities that rely on real-time location data for operational safety or inventory management.
How it could be exploited
An attacker with local or adjacent network access could exploit improper input validation (CWE-20) to read sensitive data stored in cleartext (CWE-312) or exposed in logs (CWE-532), or send crafted requests to crash the application service.
Prerequisites
- Local or adjacent network access to the SIMATIC RTLS Locating Manager workstation
- User-level privileges on the workstation or network access to the application service
Low complexity attack · Sensitive data exposure · Information disclosure · Denial-of-service potential · Local/adjacent network access required
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
SIMATIC RTLS Locating Manager | < V2.12 | 2.12
Remediation & Mitigation
Do now
HARDENING: Restrict local and network access to the RTLS Locating Manager workstation to authorized personnel only
HARDENING: Review RTLS application logs for signs of unauthorized access or exploitation attempts
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update SIMATIC RTLS Locating Manager to version 2.12 or later