all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SSA-625850 V1.0: Multiple WIBU Systems CodeMeter Vulnerabilities Affecting the Desigo CC Product Family

Add to bookmarks
Nov. 14, 2023, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

Versions V5.0 through V7 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS) are affected by multiple vulnerabilities in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful exploitation of these vulnerabilities could allow remote attackers to execute arbitrary code on the Desigo CC server, or create a denial of service condition. While all verison lines V5.0, V5.1 and V6 are affected by all listed vulnerabilities, V7 is only affected by CVE-2023-3935.


Siemens …

arbitrary code attackers cerberus code connect dms exploitation family party product runtime ssa systems third third-party vulnerabilities

Visit resource

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-923361 V1.0: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0011 2 weeks, 5 days ago | cert-portal.siemens.com
application arbitrary code arbitrary code execution code +9
SSA-871704 V1.0: Multiple Vulnerabilities in SICAM Products 2 weeks, 5 days ago | cert-portal.siemens.com
code code execution device escalation +14
SSA-925850 V1.0: Improper Access Control in Polarion ALM 2 weeks, 5 days ago | cert-portal.siemens.com
access access control access controls apache +11
SSA-976324 V1.0: Multiple IGS File Parsing Vulnerabilities in PS/IGES Parasolid Translator Component before V27.1.215 2 weeks, 5 days ago | cert-portal.siemens.com
application crash file files +6
SSA-953710 V1.0: Vulnerabilities in the Network Communication Stack in Desigo Fire Safety UL and Cerberus … 2 weeks, 5 days ago | cert-portal.siemens.com
access attacker buffer buffer overflow +17
SSA-916916 V1.0: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.5 2 weeks, 5 days ago | cert-portal.siemens.com
application arbitrary files attacker attacks +18
SSA-935500 V1.1 (Last Update: 2024-05-14): Denial of Service Vulnerability in FTP Server of Nucleus RTOS … 2 weeks, 5 days ago | cert-portal.siemens.com
countermeasures fix fixes latest +6
SSA-962515 V1.0: Out of Bounds Read Vulnerability in Industrial Products 2 weeks, 5 days ago | cert-portal.siemens.com
attacker blue bsod crash +13
SSA-661579 V1.0: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go 2 weeks, 5 days ago | cert-portal.siemens.com
application crash file files +7

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com