CVE-2024-33499

Name of the Vulnerable Software and Affected Versions SIMATIC RTLS Locating Manager versions prior to V3.0.1.1

Description The issue is related to the incorrect assignment of permissions to a user management component. This could allow a privileged attacker to escalate their privileges. The vulnerability may be exploited by a remote attacker to gain elevated privileges.

Recommendations For versions prior to V3.0.1.1, update to version V3.0.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the user management component to minimize the risk of exploitation.