A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPhoenixcontact Activation Wizard
APPPhoenixcontactβ€ 1.6Phoenixcontact E Mobility Charging Suite
APPPhoenixcontactβ€ 1.7.0Phoenixcontact Fl Network Manager
APPPhoenixcontactβ€ 7.0Phoenixcontact Iol Conf
APPPhoenixcontactβ€ 1.7.0Phoenixcontact Module Type Package Designer
APPPhoenixcontact1.2.0< 1.2.0Phoenixcontact Plcnext Engineer
APPPhoenixcontactβ€ 2023.6Trumpf Oseon
APPTrumpf1.0.0 β 3.0.22Trumpf Programmingtube
APPTrumpf1.0.1 β 4.6.3Trumpf Teczonebend
APPTrumpf18.02.r8 β 23.06.01Trumpf Topscalculation
APPTrumpf14.00 β 22.00.00Trumpf Tops Unfold
APPTrumpf05.03.00.00Trumpf Trumpflicenseexpert
APPTrumpf1.5.2 β 1.11.1Trumpf Trutops
APPTrumpf08.00 β 12.01.00.00Trumpf Trutopsboost
APPTrumpf06.00.23.00 β 16.0.22Trumpf Trutops Cell Classic
APPTrumpfβ€ 09.09.02Trumpf Trutops Cell Sw48
APPTrumpf01.00 β 02.26.0Trumpf Trutopsfab
APPTrumpf15.00.23.00 β 22.8.25Trumpf Trutopsfab Storage Smallstore
APPTrumpf14.06.20 β 20.04.20.00Trumpf Trutops Mark 3d
APPTrumpf01.00 β 06.01Trumpf Trutopsprint
APPTrumpf00.06.00 β 01.00Trumpf Trutopsprintmultilaserassistant
APPTrumpfβ₯ 01.02Trumpf Trutopsweld
APPTrumpf7.0.198.241 β 9.0.28148.1Trumpf Tubedesign
APPTrumpf08.00 β 14.06.150Wibu Codemeter Runtime
APPWibu< 7.60c
Related vulnerabilities
Multiple Trumpf Products in multiple versions use default privileged Windows users and passwords. An adversary...
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote att...
In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked f...
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exi...
Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for cod...