All versions prior to 6.81 are affected by CVE-2020-14513. All versions prior to 7.10 are affected by CVE-2020-16233. All versions prior to 7.10a are affected by CVE-2020-14517. The following versions of CodeMeter Runtime, a license manager, are affected: Successful exploitation of these vulnerabilities could allow an attacker to alter and forge a license file, cause a denial-of-service condition, potentially attain remote code execution, read heap data, and prevent normal operation of third-party software dependent on the CodeMeter. This updated advisory is a follow-up to the advisory update titled ICSA-20-203-01 Wibu-Systems CodeMeter (Update E) that was published February 11, 2021, to the ICS webpage on 3. 
Vulnerabilities: Buffer Access with Incorrect Length Value, Inadequate Encryption Strength, Origin Validation Error, Improper Input Validation, Improper Verification of Cryptographic Signature, Improper Resource Shutdown or Release.ATTENTION: Exploitable remotely/low attack complexity.
0 kommentar(er)
