CVE-2021-47810

WibuKey Runtime 6.51 contains an unquoted service path vulnerability in the WkSvW32.exe service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\PROGRAM FILES X86\WIBUKEY\SERVER\WkSvW32.exe' to inject malicious executables and...

Wibu-Systems WibuKey Runtime Untrusted Pointer Dereference Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Wibu-Systems WibuKey Runtime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

PT-2024-7413 · Wibu Systems · Wibukey

Name of the Vulnerable Software and Affected Versions: WIBU-SYSTEMS WibuKey versions prior to 6.70 Description: The issue is related to an improper bounds check in the WibuKey64.sys handler, allowing specially crafted packets to cause an arbitrary address read. This can result in a Denial of...

CVE-2018-3991

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigg...

CVE-2018-3989

An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...