CVE-2020-10051

CVE-2020-10051

Vendor Siemens Ag
Product SIMATIC RTLS Locating Manager
Weakness CWE-428
Published September 9, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to inject arbitrary commands that are execeuted instead of the legitimate service.

Key dates

02Disclosure timeline

September 9, 2020 CVE published
August 4, 2024 Record updated