7 matches found
CVE-2020-14517
CVE-2020-14517 (CodeMeter). Affects CodeMeter WebAdmin and related components; protocol encryption can be easily broken, and the server can accept external connections, potentially allowing an attacker to remotely communicate with the CodeMeter API. Affected: CodeMeter before 6.90, and 6.90+ only...
CVE-2020-14509
CVE-2020-14509 concerns CodeMeter WebAdmin prior to 7.10a. The vulnerability is a memory corruption issue in the packet parser that does not verify length fields, allowing an attacker to send specially crafted packets to trigger the flaw. Public sources describe potential outcomes as remote code ...
CVE-2020-14515
CVE-2020-14515 affects CodeMeter WebAdmin prior to 6.90: a flaw in the license-file signature checking mechanism allows forging or arbitrary license files, potentially impersonating a vendor. This is limited to CmActLicense update files with CmActLicense Firm Code. Related sources indicate that e...
CVE-2020-14513
CVE-2020-14513 affects CodeMeter up to version 6.80 (and WebAdmin components) where processing a specially crafted license file can crash the software due to unverified length fields. Multiple sources (NVD/NCSC/Red Hat advisories, Tenable plugin) confirm CodeMeter prior to 6.81 is affected; updat...
CVE-2020-14519
CVE-2020-14519 affects CodeMeter WebAdmin’s internal WebSockets API. According to the provided documents, all versions prior to 7.00 are affected, including 7.0 or newer if the affected WebSockets API remains enabled, particularly when a web browser accesses the CodeMeter web server. The vulnerab...
CVE-2020-16233
CVE-2020-16233 affects CodeMeter WebAdmin (CodeMeter, prior to version 7.10). A network attacker could send a specially crafted packet to cause the server to return packets containing data from the heap, exposing heap data and potentially enabling further exploitation. The vulnerability is docume...
CVE-2021-20094
CVE-2021-20094 is a publicly documented vulnerability in Wibu-Systems CodeMeter Runtime (CmWAN server) affecting versions earlier than 7.21a. An unauthenticated remote attacker can crash the CodeMeter Runtime Server by sending specially crafted packets to the CmWAN service. The connected sources ...