PT-2024-4510 · Siemens · Simatic Rtls Locating Manager
Published: 2024-05-14 · Updated: 2024-06-11 · CVE-2024-33498
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions
SIMATIC RTLS Locating Manager versions prior to V3.0.1.1
Description
The software is affected by uncontrolled resource consumption, which a remote attacker can exploit to cause a denial-of-service condition. The software fails to properly release memory allocated for handling specially crafted incoming packets, so the service crashes due to memory exhaustion. The service automatically restarts after a short time.
Recommendations
For SIMATIC RTLS Locating Manager versions prior to V3.0.1.1, update to version V3.0.1.1 or later to resolve the issue.
Fix
Resource Exhaustion
Weakness Enumeration
Related Identifiers
Affected Products
Simatic Rtls Locating Manager