CVE-2023-4701
First published: Wed Sep 13 2023(Updated: )
A Improper Privilege Management vulnerability through an incorrect use of privileged APIs in CodeMeter Runtime versions prior to 7.60c allow a local, low privileged attacker to use an API call for escalation of privileges in order gain full admin access on the host system.
Credit: info@cert.vde.com info@cert.vde.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wibu CodeMeter Runtime | <7.60c | |
| Trumpf Oseon | >=1.0.0<=3.0.22 | |
| Trumpf Programmingtube | >=1.0.1<=4.6.3 | |
| Trumpf Teczonebend | >=18.02.r8<=23.06.01 | |
| Trumpf Tops Unfold | =05.03.00.00 | |
| Trumpf Topscalculation | >=14.00<=22.00.00 | |
| Trumpf Trumpflicenseexpert | >=1.5.2<=1.11.1 | |
| Trumpf Trutops | >=08.00<=12.01.00.00 | |
| Trumpf Trutops Cell Classic | <=09.09.02 | |
| Trumpf Trutops Cell Sw48 | >=01.00<=02.26.0 | |
| Trumpf Trutops Mark 3d | >=01.00<=06.01 | |
| Trumpf Trutopsboost | >=06.00.23.00<=16.0.22 | |
| Trumpf Trutopsfab | >=15.00.23.00<=22.8.25 | |
| Trumpf Trutopsfab Storage Smallstore | >=14.06.20<=20.04.20.00 | |
| Trumpf Trutopsprint | >=00.06.00<=01.00 | |
| Trumpf Trutopsprintmultilaserassistant | >=01.02 | |
| Trumpf Trutopsweld | >=7.0.198.241<=9.0.28148.1 | |
| Trumpf Tubedesign | >=08.00<=14.06.150 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-4701?
CVE-2023-4701 is an Improper Privilege Management vulnerability in CodeMeter Runtime versions prior to 7.60c.
What is the severity of CVE-2023-4701?
CVE-2023-4701 has a severity value of 7.8, which is considered high.
Which software is affected by CVE-2023-4701?
CodeMeter Runtime versions prior to 7.60c are affected by CVE-2023-4701.
How can a local attacker exploit CVE-2023-4701?
A local, low privileged attacker can exploit CVE-2023-4701 through an incorrect use of privileged APIs to gain full admin access on the host system.
Where can I find more information about CVE-2023-4701?
You can find more information about CVE-2023-4701 in the security advisories published by Wibu and VDE.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/status
- agent/tags
- agent/type
- agent/weakness
- collector/mitre-cve
- collector/nvd-api
- collector/nvd-index
- status/rejected
- vendor/wibu
- canonical/wibu codemeter runtime
- vendor/trumpf
- canonical/trumpf oseon
- version/trumpf oseon/1.0.0
- version/trumpf oseon/3.0.22
- canonical/trumpf programmingtube
- version/trumpf programmingtube/1.0.1
- version/trumpf programmingtube/4.6.3
- canonical/trumpf teczonebend
- version/trumpf teczonebend/18.02.r8
- version/trumpf teczonebend/23.06.01
- canonical/trumpf tops unfold
- version/trumpf tops unfold/05.03.00.00
- canonical/trumpf topscalculation
- version/trumpf topscalculation/14.00
- version/trumpf topscalculation/22.00.00
- canonical/trumpf trumpflicenseexpert
- version/trumpf trumpflicenseexpert/1.5.2
- version/trumpf trumpflicenseexpert/1.11.1
- canonical/trumpf trutops
- version/trumpf trutops/08.00
- version/trumpf trutops/12.01.00.00
- canonical/trumpf trutops cell classic
- version/trumpf trutops cell classic/09.09.02
- canonical/trumpf trutops cell sw48
- version/trumpf trutops cell sw48/01.00
- version/trumpf trutops cell sw48/02.26.0
- canonical/trumpf trutops mark 3d
- version/trumpf trutops mark 3d/01.00
- version/trumpf trutops mark 3d/06.01
- canonical/trumpf trutopsboost
- version/trumpf trutopsboost/06.00.23.00
- version/trumpf trutopsboost/16.0.22
- canonical/trumpf trutopsfab
- version/trumpf trutopsfab/15.00.23.00
- version/trumpf trutopsfab/22.8.25
- canonical/trumpf trutopsfab storage smallstore
- version/trumpf trutopsfab storage smallstore/14.06.20
- version/trumpf trutopsfab storage smallstore/20.04.20.00
- canonical/trumpf trutopsprint
- version/trumpf trutopsprint/00.06.00
- version/trumpf trutopsprint/01.00
- canonical/trumpf trutopsprintmultilaserassistant
- version/trumpf trutopsprintmultilaserassistant/01.02
- canonical/trumpf trutopsweld
- version/trumpf trutopsweld/7.0.198.241
- version/trumpf trutopsweld/9.0.28148.1
- canonical/trumpf tubedesign
- version/trumpf tubedesign/08.00
- version/trumpf tubedesign/14.06.150