Siemans WIBU Systems CodeMeter

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

PT-2023-4578 · Wibu · Wibu Codemeter Runtime

Name of the Vulnerable Software and Affected Versions: Wibu CodeMeter Runtime versions up to 7.60b Description: The issue is related to a heap buffer overflow vulnerability in the Wibu CodeMeter Runtime network service. This vulnerability can be exploited by an unauthenticated, remote attacker to...

Vulnerability in SICK FieldEcho

WIBU publicly released an advisory for the WIBU product “CodeMeter Runtime Network Server”. The advisory discloses a buffer over-read vulnerability that was found in the WIBU product “CodeMeter Runtime Network Server”. By default the network server functionality is disabled, however the SICK...

Vulnerability fixed in WIBU Codemeter Runtime

WIBU Systems has fixed a vulnerability in WIBU Codemeter Runtime. A local, authenticated malicious party could potentially exploit the vulnerability potentially exploit it to cause a denial-of-service cause, or manipulate data. The vulnerability can be exploited by creating a symbolic link using...

CVE-2021-41057

In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions...

CVE-2021-41057

CVE-2021-41057 affects WIBU CodeMeter Runtime prior to 7.30a. A local attacker can abuse a crafted CmDongles symbolic link to overwrite the target file without permission checks, potentially crashing the CodeMeter Runtime Server and causing DoS. Public documentation confirms affected product is C...

CVE-2021-41057

In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions...

Siemens Product WIBU Systems CodeMeter Runtime Denial of Service Vulnerability

PSSRCAPE is a transmission and distribution network protection simulation software. pssRE i is a power system simulation and analysis tool for transmission operation and planning. pssRODMS i is a transmission network modeling and analysis tool. sicam 230 is a scalable process control system for a...

CodeMeter 后置链接漏洞

PSSRCAPE is a transmission and distribution network protection simulation software. pssRE i is a power system simulation and analysis tool for transmission operation and planning. pssRODMS i is a transmission network modeling and analysis tool. sicam 230 is a scalable process control system for a...

Wibu-Systems CodeMeter Runtime

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Wibu-Systems AG Equipment: CodeMeter Runtime Vulnerabilities: Buffer Over-read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read data from the heap of...

CVE-2021-20094

A denial of service vulnerability exists in Wibu-Systems CodeMeter versions 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server...

Denial of service

A denial of service vulnerability exists in Wibu-Systems CodeMeter versions 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server...

CVE-2021-20094

CVE-2021-20094 is a publicly documented vulnerability in Wibu-Systems CodeMeter Runtime (CmWAN server) affecting versions earlier than 7.21a. An unauthenticated remote attacker can crash the CodeMeter Runtime Server by sending specially crafted packets to the CmWAN service. The connected sources ...

CodeMeter Runtime Predictable Encryption Key

Binary data codemetercve-2020-14517.nbin...

CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path

Exploit Title: CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2020-08-05 Vendor Homepage: https://www.wibu.com/us/products/codemeter/runtime.html Tested Version: 6.60 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es...

WIBU-SYSTEMS CodeMeter Runtime Detection (Windows SMB Login)

SMB login-based detection of WIBU-SYSTEMS CodeMeter Runtime. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

CVE-2014-8419

Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions read and write access for all users for codemeter.exe, which allows local users to gain privileges via a Trojan horse file...

Design/Logic Flaw

Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions read and write access for all users for codemeter.exe, which allows local users to gain privileges via a Trojan horse file...

CVE-2014-8419

Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions read and write access for all users for codemeter.exe, which allows local users to gain privileges via a Trojan horse file...

CVE-2014-8419

CVE-2014-8419 affects CodeMeter Runtime prior to 5.20. The Windows service codemeter.exe is created with insecure Read/Write permissions for all users, enabling a local attacker to substitute the binary and gain SYSTEM privileges via a trojan-horse file. Several sources confirm the vulnerability ...