First published: Wed Sep 16 2020(Updated: )
An attacker could send a specially crafted packet that could have CodeMeter (All versions prior to 7.10) send back packets containing data from the heap.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Wibu Codemeter | <7.10 | |
Wibu-Systems AG All versions prior to 7.10a are affected by CVE-2020-14509 and CVE-2020-14519 | ||
Wibu-Systems AG All versions prior to 7.10a are affected by CVE-2020-14517 | ||
Wibu-Systems AG All versions prior to 7.10 are affected by CVE-2020-16233 | ||
Wibu-Systems AG All versions prior to 6.81 are affected by CVE-2020-14513 | ||
Wibu-Systems AG All versions prior to 6.90 are affected by CVE-2020-14515 when using CmActLicense update files with CmActLicense Firm Code |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-16233 is a vulnerability in CodeMeter that allows an attacker to send a specially crafted packet to retrieve data from the heap.
All versions prior to 7.10 of CodeMeter are affected by CVE-2020-16233.
CVE-2020-16233 has a severity rating of 7.5, which is classified as high.
To fix CVE-2020-16233, it is recommended to upgrade CodeMeter to version 7.10 or later.
You can find more information about CVE-2020-16233 in the advisory published by US-CERT at the following URL: https://us-cert.cisa.gov/ics/advisories/icsa-20-203-01.