Siemens SIMATIC RTLS Locating Manager Arbitrary Code Execution Vulnerability

Vulnerability

A vulnerability exists in Siemens SIMATIC RTLS Locating Manager in all versions prior to 3.2. The issue stems from improper input validation in a backup script, which could enable an authenticated remote attacker with high privileges to execute arbitrary code with 'NT Authority/SYSTEM' privileges.

Impact

Exploitation of this vulnerability allows for arbitrary code execution with elevated privileges, potentially leading to significant system compromise.

Remediation

Users are advised to update SIMATIC RTLS Locating Manager to version 3.2 or later. For more information, visit the Siemens support page.

Added: Aug 12, 2025, 12:37 PM
Updated: Aug 12, 2025, 2:56 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 7.5
exploitability: 4.4
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.