all InfoSec news
SSA-240541 V1.0: WIBU Systems CodeMeter Heap Buffer Overflow Vulnerability in Industrial Products
Siemens ProductCERT Security Advisories cert-portal.siemens.com
WIBU Systems published information about a heap buffer overflow vulnerability and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products for license management.
The vulnerability is described in the section “Vulnerability Classification” below and got assigned the CVE ID CVE-2023-3935. Successful exploitation of this vulnerability could allow
- an unauthenticated remote attacker to execute code on vulnerable products, where CodeMeter Runtime (i.e., CodeMeter.exe) is configured as a server, or
- an authenticated …
buffer buffer overflow buffer overflow vulnerability classification cve fix heap buffer overflow industrial information license management overflow product products releases runtime siemens ssa systems vulnerability