all InfoSec news
SSA-625850 V1.0: Multiple WIBU Systems CodeMeter Vulnerabilities Affecting the Desigo CC Product Family
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Versions V5.0 through V7 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS) are affected by multiple vulnerabilities in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful exploitation of these vulnerabilities could allow remote attackers to execute arbitrary code on the Desigo CC server, or create a denial of service condition. While all verison lines V5.0, V5.1 and V6 are affected by all listed vulnerabilities, V7 is only affected by CVE-2023-3935.
Siemens …
arbitrary code attackers cerberus code connect dms exploitation family party product runtime ssa systems third third-party vulnerabilities