Rewterz

Rewterz Threat Advisory – CVE-2020-15791 – Siemens SIMATIC S7-300 and S7-400 CPUs

September 9, 2020
Rewterz

Rewterz Threat Advisory – CVE-2020-8758 – Security Updates for Intel AMT and Intel ISM

September 9, 2020

Rewterz Threat Advisory – Siemens SIMATIC RTLS Locating Manager

Severity

High

Analysis Summary

CVE-2020-10049

The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system administrators.

CVE-2020-10050

The directory of service executables of the affected application could allow a local attacker to include arbitrary commands that are executed with SYSTEM privileges when the system restarts.

CVE-2020-10051

Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to inject arbitrary commands that are executed instead of the legitimate service.

Impact

  • Incorrect Default Permissions 
  • Unquoted Search Path or Element

Affected Vendors

Siemens

Affected Products

SIMATIC RTLS Locating Manager
all versions prior to v2.10.2

Recommendation

Siemens recommends that users apply the update of the SIMATIC RTLS Locating Manager: v2.10.2

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.