First published: Wed Sep 13 2023(Updated: )
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
Credit: info@cert.vde.com info@cert.vde.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wibu CodeMeter Runtime | <7.60c | |
Trumpf Oseon | >=1.0.0<=3.0.22 | |
Trumpf Programmingtube | >=1.0.1<=4.6.3 | |
Trumpf Teczonebend | >=18.02.r8<=23.06.01 | |
Trumpf Tops Unfold | =05.03.00.00 | |
Trumpf Topscalculation | >=14.00<=22.00.00 | |
Trumpf Trumpflicenseexpert | >=1.5.2<=1.11.1 | |
Trumpf Trutops | >=08.00<=12.01.00.00 | |
Trumpf Trutops Cell Classic | <=09.09.02 | |
Trumpf Trutops Cell Sw48 | >=01.00<=02.26.0 | |
Trumpf Trutops Mark 3d | >=01.00<=06.01 | |
Trumpf Trutopsboost | >=06.00.23.00<=16.0.22 | |
Trumpf Trutopsfab | >=15.00.23.00<=22.8.25 | |
Trumpf Trutopsfab Storage Smallstore | >=14.06.20<=20.04.20.00 | |
Trumpf Trutopsprint | >=00.06.00<=01.00 | |
Trumpf Trutopsprintmultilaserassistant | >=01.02 | |
Trumpf Trutopsweld | >=7.0.198.241<=9.0.28148.1 | |
Trumpf Tubedesign | >=08.00<=14.06.150 | |
Phoenixcontact Activation Wizard | <=1.6 | |
Phoenixcontact E-mobility Charging Suite | <=1.7.0 | |
Phoenixcontact Fl Network Manager | <=7.0 | |
Phoenixcontact Iol-conf | <=1.7.0 | |
Phoenixcontact Module Type Package Designer | <1.2.0 | |
Phoenixcontact Module Type Package Designer | =1.2.0-beta | |
Phoenixcontact Plcnext Engineer | <=2023.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this heap buffer overflow vulnerability is CVE-2023-3935.
CVE-2023-3935 has a severity score of 9.8, which is considered critical.
CVE-2023-3935 allows an unauthenticated, remote attacker to achieve remote code execution (RCE) and gain full access to the host system.
The following software versions are affected by CVE-2023-3935: Wibu CodeMeter Runtime up to version 7.60b, Trumpf Oseon up to version 3.0.22, Trumpf ProgrammingTube up to version 4.6.3, Trumpf TecZone Bend up to version 23.06.01, Trumpf Tops Unfold version 05.03.00.00, Trumpf TopsCalculation up to version 22.00.00, Trumpf TrumpfLicenseExpert up to version 1.11.1, Trumpf TruTops up to version 12.01.00.00, Trumpf TruTops Cell Classic up to version 09.09.02, Trumpf TruTops Cell SW48 up to version 02.26.0, Trumpf TruTops Mark 3D up to version 06.01, Trumpf TruTopsBoost up to version 16.0.22, Trumpf TruTopsFab up to version 22.8.25, Trumpf TruTopsFab Storage SmallStore up to version 20.04.20.00, Trumpf TruTopsPrint up to version 01.00, Trumpf TruTopsPrintMultilaserAssistant starting from version 01.02, Trumpf TruTopsWeld up to version 9.0.28148.1, and Trumpf TubeDesign up to version 14.06.150.
You can find more information about CVE-2023-3935 at the following references: [link1], [link2], [link3].