Wibu: Buffer Overflow in CodeMeter Runtime
CVE-2023-3935

9.8CRITICAL

Key Information:

Vendor: Wibu
Status: Codemeter Runtime
Vendor: CVE Published:; 13 September 2023

What is CVE-2023-3935?

A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service versions up to 7.60b could allow unauthenticated remote attackers to execute arbitrary code on the host system. This could lead to full system compromise, enabling attackers to gain unauthorized access and control over sensitive information and services.

Affected Version(s)

CodeMeter Runtime 0.0 <= 7.60b

CodeMeter Runtime 7.21g

References

https://cdn.wibu.com/fileadmin/wibu_downloads/security_ad...

https://cert.vde.com/en/advisories/VDE-2023-031/

https://cert.vde.com/en/advisories/VDE-2023-030/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 13, 2023
Vulnerability Reserved
Jul 25, 2023