{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T03:55:27.121","vulnerabilities":[{"cve":{"id":"CVE-2024-30206","sourceIdentifier":"productcert@siemens.com","published":"2024-05-14T16:16:45.767","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected SIMATIC RTLS Locating Manager Clients do not properly check the integrity of update files. This could allow an unauthenticated remote attacker to alter update files in transit and trick an authorized user into installing malicious code. \r\nA successful exploit requires the attacker to be able to modify the communication between server and client on the network."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en SIMATIC RTLS Locating Manager (6GT2780-0DA00) (todas las versiones &lt; V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (todas las versiones &lt; V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (Todas las versiones &lt; V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (Todas las versiones &lt; V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (Todas las versiones &lt; V3 .0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (todas las versiones &lt; V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (todas las versiones &lt; V3.0.1.1). Los clientes SIMATIC RTLS Locating Manager afectados no comprueban correctamente la integridad de los archivos de actualización. Esto podría permitir que un atacante remoto no autenticado altere los archivos de actualización en tránsito y engañe a un usuario autorizado para que instale código malicioso. Un exploit exitoso requiere que el atacante pueda modificar la comunicación entre el servidor y el cliente en la red."}],"metrics":{"cvssMetricV40":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":6.0}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-494"}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-093430.html","source":"productcert@siemens.com"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-093430.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}