Lucene search

K
cvelistCERTVDECVELIST:CVE-2023-3935
HistorySep 13, 2023 - 1:19 p.m.

CVE-2023-3935 Wibu: Buffer Overflow in CodeMeter Runtime

2023-09-1313:19:18
CWE-787
CERTVDE
www.cve.org
1
cve-2023-3935
wibu
buffer overflow
codemeter runtime
rce

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.8%

A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "CodeMeter Runtime",
    "vendor": "Wibu",
    "versions": [
      {
        "lessThanOrEqual": "7.60b",
        "status": "affected",
        "version": "0.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CodeMeter Runtime",
    "vendor": "Wibu",
    "versions": [
      {
        "status": "unaffected",
        "version": "7.21g"
      }
    ]
  }
]

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.8%

Related for CVELIST:CVE-2023-3935