CVE-2024-33498

🗓️ 14 May 2024 10:03:02Reported by siemensType

Vulnerability in SIMATIC RTLS Locating Manager, allowing unauthenticated remote attacker to cause denial of service by crashing the service due to memory allocation issue

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The software for calculating positions of individual RTLS transponders in SIMATIC RTLS Locating Manager is vulnerable due to uncontrolled resource consumption. This vulnerability allows a intruder to cause a service failure.	5 Jul 202400:00	–	bdu_fstec
CNNVD	Siemens 多款产品资源管理错误漏洞	14 May 202400:00	–	cnnvd
CNVD	Siemens SIMATIC RTLS Locating Manager Uncontrolled Resource Consumption Vulnerability	16 May 202400:00	–	cnvd
CVE	CVE-2024-33498	14 May 202410:03	–	cve
EUVD	EUVD-2024-31236	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Siemens products	14 May 202400:00	–	ncsc
NVD	CVE-2024-33498	14 May 202416:17	–	nvd
RedhatCVE	CVE-2024-33498	23 May 202508:43	–	redhatcve
Vulnrichment	CVE-2024-33498	14 May 202410:03	–	vulnrichment

[
  {
    "vendor": "Siemens",
    "product": "SIMATIC RTLS Locating Manager",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V3.0.1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RTLS Locating Manager",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V3.0.1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RTLS Locating Manager",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V3.0.1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RTLS Locating Manager",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V3.0.1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RTLS Locating Manager",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V3.0.1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RTLS Locating Manager",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V3.0.1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RTLS Locating Manager",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V3.0.1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-093430.html

11 Jun 2024 14:20Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.3

CVSS 46.9

EPSS0.00527

CWE-400