Improper Bounds Check in WIBU-SYSTEMS WibuKey Product
CVE-2024-45182

5.5MEDIUM

Key Information:

Vendor: Wibu
Status: Wibukey
Vendor: CVE Published:; 12 September 2024

What is CVE-2024-45182?

A vulnerability exists in the WibuKey64.sys component of WIBU-SYSTEMS WibuKey versions before 6.70. This flaw arises from an improper bounds check, which enables an attacker to send specially crafted packets, leading to arbitrary memory access. This could potentially disrupt service availability, causing a denial of service. Users are advised to upgrade to version 6.70 or later to mitigate this risk.

References

https://wibu.com

https://cdn.wibu.com/fileadmin/wibu_downloads/security_ad...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 12, 2024