License File Signature Vulnerability in CodeMeter by WIBU-SYSTEMS
CVE-2020-14515

7.5HIGH

Key Information:

Vendor: Wibu
Status: Codemeter
Vendor: CVE Published:; 16 September 2020

What is CVE-2020-14515?

The vulnerability in CodeMeter stems from a flaw in the license-file signature checking mechanism, impacting all versions prior to 6.90 when using CmActLicense update files associated with a specific Firm Code. This issue enables attackers to create arbitrary license files, effectively forging valid licenses that could be mistaken for those issued by legitimate vendors. Such exploitation threatens the integrity of licensing controls and could lead to unauthorized software use.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CodeMeter All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code.

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-203-01

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 16, 2020
Vulnerability Reserved
Jun 19, 2020

JSON

Wibu

What is CVE-2020-14515?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.