EUVD-2020-6651

Malware in sbrugna...

The vulnerability of the WebSockets API component of the CodeMeter license control application allows a perpetrator to gain unauthorized access to modify or create license files for CmActLicense.

The vulnerability of the WebSockets API of the CodeMeter license control application is related to a data source confirmation error. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to modify or create CmActLicense license files...

CodeMeter < 6.90 License forging Vulnerability

According to its self-reported version, the CodeMeter WebAdmin server installed on the remote host is prior to 6.90. It is affected by an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if i...

Code injection

CodeMeter All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file o...