← Back to home
SIEMENS-SSA-580693  ·  Published 2022-08-09  ·  View on Siemens ProductCERT ↗

SSA-580693 V1.3 (Last Update: 2022-08-09): WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products

CVSS 7.1 HIGH

Risk Summary

<p> WIBU Systems published information about a denial-of-service vulnerability and an associated fix release version of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens products for license management. </p> <p> The vulnerability is described in the section “Vulnerability Classification” below and got assigned the CVE ID CVE-2021-41057. Successful exploitation of this vulnerability could allow an attacker to crash the CodeMeter Runtime Server (i.e., CodeMeter.exe), which could cause a denial-of-service condition for the affected Siemens product. </p> <p> Siemens has released updates for the affected products and recommends to update to the latest versions. </p>

CVEs (1)

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-580693 V1.3 (Last Update: 2022-08-09): WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more