ICSA-20-203-01 · Published 2022-03-10 · View on CISA ICS-CERT ↗

Wibu-Systems CodeMeter (Update F)

CVSS 10.0 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to alter and forge a license file, cause a denial-of-service condition, potentially attain remote code execution, read heap data, and prevent normal operation of third-party software dependent on the CodeMeter.

CVEs (6)

CVE-2020-14509 CVE-2020-14517 CVE-2020-14519 CVE-2020-14513 CVE-2020-14515 CVE-2020-16233

Remediations

Wibu-Systems recommends the following:
For more information please see Wibu-Systems ' security advisories:
For more information on products dependent on the affected CodeMeter see the following vendor security advisories:

Affected Vendors

Wibu-Systems AG

Affected Products (5)

Wibu-Systems AG · CodeMeter < 7.10a

Wibu-Systems AG · CodeMeter < 6.90

Wibu-Systems AG · CodeMeter < 7.10a

Wibu-Systems AG · CodeMeter < 7.10

Wibu-Systems AG · CodeMeter < 6.81

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more