An attacker could send a specially crafted packet that could have CodeMeter (All versions prior to 7.10) send back packets containing data from the heap.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NWibu Codemeter
APPWibu< 7.10
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2021-20093CRITICAL9.1ten sam produkt
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote ...
CVE-2020-14517CRITICAL9.8ten sam produkt
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Ver...
CVE-2020-14509CRITICAL9.8ten sam produkt
Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet pa...
CVE-2021-20094HIGH7.5ten sam produkt
A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote...
CVE-2020-14515HIGH7.5ten sam produkt
CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an...