Sign-up

ID

VAR-202508-0355


CVE

CVE-2025-30034


TITLE

Siemens'  SIMATIC RTLS Locating Manager  Reachable Assertiveness Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2025-011940

DESCRIPTION

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition. Siemens' SIMATIC RTLS Locating Manager Exists in a reachable assertiveness vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2025-30034 // JVNDB: JVNDB-2025-011940

AFFECTED PRODUCTS

vendor:siemensmodel:simatic rtls locating managerscope:ltversion:3.3

Trust: 1.0

vendor:シーメンスmodel:simatic rtls locating managerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic rtls locating managerscope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:simatic rtls locating managerscope:eqversion:3.3

Trust: 0.8

sources: JVNDB: JVNDB-2025-011940 // NVD: CVE-2025-30034

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2025-30034
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2025-30034
value: MEDIUM

Trust: 1.0

NVD: CVE-2025-30034
value: MEDIUM

Trust: 0.8

productcert@siemens.com: CVE-2025-30034
baseSeverity: MEDIUM
baseScore: 6.2
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.5
impactScore: 3.6
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-30034
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2025-30034
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2025-011940 // NVD: CVE-2025-30034 // NVD: CVE-2025-30034

PROBLEMTYPE DATA

problemtype:CWE-617

Trust: 1.0

problemtype:Reachable assertions (CWE-617) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-011940 // NVD: CVE-2025-30034

EXTERNAL IDS

db:NVDid:CVE-2025-30034

Trust: 2.6

db:SIEMENSid:SSA-707630

Trust: 1.8

db:ICS CERTid:ICSA-25-226-01

Trust: 0.8

db:JVNid:JVNVU92169998

Trust: 0.8

db:JVNDBid:JVNDB-2025-011940

Trust: 0.8

sources: JVNDB: JVNDB-2025-011940 // NVD: CVE-2025-30034

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-707630.html

Trust: 1.8

url:https://jvn.jp/vu/jvnvu92169998/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2025-30034

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-01

Trust: 0.8

sources: JVNDB: JVNDB-2025-011940 // NVD: CVE-2025-30034

SOURCES

db:JVNDBid:JVNDB-2025-011940
db:NVDid:CVE-2025-30034

LAST UPDATE DATE

2025-08-23T19:36:48.016000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2025-011940date:2025-08-21T06:58:00
db:NVDid:CVE-2025-30034date:2025-08-20T20:58:57.287

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2025-011940date:2025-08-21T00:00:00
db:NVDid:CVE-2025-30034date:2025-08-12T12:15:34.977