Multiple vulnerabilities in Wibu-Systems CodeMeter



Published: 2020-09-09
Risk High
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2020-14509
CVE-2020-14517
CVE-2020-14519
CWE-ID CWE-119
CWE-326
CWE-346
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
CodeMeter Runtime
Server applications / DLP, anti-spam, sniffers

Vendor Wibu Systems

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU46530

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-14509

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when the packet parser mechanism does not verify length fields. A remote attacker can send specially crafted packets, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CodeMeter Runtime: before 7.10a

External links

http://ics-cert.us-cert.gov/advisories/icsa-20-203-01
http://www.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-200521-03.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Inadequate Encryption Strength

EUVDB-ID: #VU46531

Risk: High

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-14517

CWE-ID: CWE-326 - Inadequate Encryption Strength

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the protocol encryption can be easily broken and the server accepts external connections. A remote attacker can communicate with the CodeMeter API.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CodeMeter Runtime: before 7.10a

External links

http://ics-cert.us-cert.gov/advisories/icsa-20-203-01
http://www.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-200521-04.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Origin validation error

EUVDB-ID: #VU46533

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-14519

CWE-ID: CWE-346 - Origin Validation Error

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to origin validation error. A remote attacker can use the internal WebSockets API via a specifically crafted Java Script payload and alter or create license files when combined with CVE-2020-14515.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CodeMeter Runtime: before 7.10a

External links

http://ics-cert.us-cert.gov/advisories/icsa-20-203-01
http://www.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-200521-02.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###