PatchSiren cyber security CVE debrief
CVE-2024-33497 Siemens CVE debrief
A local privilege escalation vulnerability exists in Siemens SIMATIC RTLS Locating Manager Track Viewer Client. The affected client components do not properly protect credentials used for server authentication. An authenticated local attacker with Manager role access can extract these credentials and escalate privileges to Systemadministrator role. The vulnerability was published on May 14, 2024, with a CVSS 3.1 score of 6.3 (Medium severity).
- Vendor
- Siemens
- Product
- SIMATIC RTLS Locating Manager (6GT2780-0DA00)
- CVSS
- MEDIUM 6.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-05-14
- Original CVE updated
- 2024-06-11
- Advisory published
- 2024-05-14
- Advisory updated
- 2024-06-11
Who should care
Organizations operating Siemens SIMATIC RTLS Locating Manager systems in manufacturing, logistics, healthcare, or other industrial environments where real-time locating systems track assets or personnel. Security teams responsible for industrial control system (ICS) infrastructure, system administrators managing Windows Server deployments of RTLS components, and compliance officers evaluating access control implementations should prioritize assessment.
Technical summary
The SIMATIC RTLS Locating Manager Track Viewer Client fails to adequately protect authentication credentials. This insufficient credential protection allows an attacker who has already achieved local access and Manager role authentication to extract credentials from the client and reuse them to escalate to Systemadministrator privileges. The attack vector is local (AV:L), requires low attack complexity (AC:L), and low privileges (PR:L), with scope change (S:C) indicating impact beyond the vulnerable component. The vulnerability affects seven product variants of the SIMATIC RTLS Locating Manager (6GT2780-0DA00, 6GT2780-0DA10, 6GT2780-0DA20, 6GT2780-0DA30, 6GT2780-1EA10, 6GT2780-1EA20, 6GT2780-1EA30). Siemens released version V3.0.1.1 to address this issue.
Defensive priority
medium
Recommended defensive actions
- Apply vendor fix: Update SIMATIC RTLS Locating Manager to V3.0.1.1 or later via Siemens Online Software Delivery (OSD)
- Implement host consolidation: Install required RTLS Locating Manager components on a single host computer where possible
- Restrict physical and logical access: Ensure only trusted personnel have access to systems running the affected software
- Deploy network segmentation: Secure the Windows Server hosting RTLS Locating Manager with firewall rules blocking untrusted network access to all ports
- Apply OS hardening: Implement security hardening of the underlying Windows Server per corporate policies or current hardening guidelines
Evidence notes
The vulnerability description and remediation guidance are derived from CISA CSAF advisory ICSA-24-137-07, which references Siemens security advisory SSA-093430. The source indicates this affects the Track Viewer Client component specifically, with credential protection failures enabling local privilege escalation from Manager to Systemadministrator role.
Official resources
-
CVE-2024-33497 CVE record
CVE.org
-
CVE-2024-33497 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-05-14