A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The affected systems use symmetric cryptography with a hard-coded key to protect the communication between client and server. This could allow an unauthenticated remote attacker to compromise confidentiality and integrity of the communication and, subsequently, availability of the system.
A successful exploit requires the attacker to gain knowledge of the hard-coded key and to be able to intercept the communication between client and server on the network.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2024-05-14T10:02:19.474Z
Updated: 2024-06-11T14:20:30.666Z
Reserved: 2024-03-25T14:21:45.080Z
Link: CVE-2024-30207
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-05-14T16:16:47.020
Modified: 2024-06-11T12:15:14.520
Link: CVE-2024-30207
JSON object: View
Redhat Information
No data.
CWE