CNVD-2024-24516 — Vulnetix

CNVD-2024-24516 PUBLISHED

SIMATIC RTLS Locating Manager用于配置、操作和维护SIMATIC RTLS装置，该装置是一个实时无线定位系统，可提供定位解决方案。 Siemens SIMATIC RTLS Locating Manager存在资源分配错误漏洞，该漏洞是由于受影响的应用程序未能正确限制特定日志的大小。攻击者可利用该漏洞通过创建大量日志条目来耗尽系统资源，从而可能导致拒绝服务。

Affected Products

Vendor	Product	Versions
	Siemens SIMATIC RTLS Locating Manager (6GT2780-0DA00) < V3.0.1.1
	Siemens SIMATIC RTLS Locating Manager (6GT2780-1EA10) < V3.0.1.1
	Siemens SIMATIC RTLS Locating Manager (6GT2780-0DA30) < V3.0.1.1
	Siemens SIMATIC RTLS Locating Manager (6GT2780-1EA30) < V3.0.1.1
	Siemens SIMATIC RTLS Locating Manager (6GT2780-1EA20) < V3.0.1.1
	Siemens SIMATIC RTLS Locating Manager (6GT2780-0DA20) < V3.0.1.1
	Siemens SIMATIC RTLS Locating Manager (6GT2780-0DA10) < V3.0.1.1

Timeline

May 16, 2024 CVE ID Reserved
May 30, 2024 CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-093430.html url

Open in Interactive Console →