Vulnerability: Improper Privilege Management. Successful exploitation of this vulnerability could allow an attacker to crash the CodeMeter Runtime Server, which could cause a denial-of-service condition. CodeMeter Runtime: All versions prior to Version 7.30aģ.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER PRIVILEGE MANAGEMENT CWE-269Ī local attacker using the Microsoft Windows OS could cause CodeMeter Runtime to improperly control file access permissions by setting up a link to a special system file used with CmDongles.The following versions of CodeMeter Runtime, a license manger, are affected: This could result in overwriting of essential files or a crash of the CodeMeter Runtime Server.ĬVE-2021-41057 has been assigned to this vulnerability. CRITICAL INFRASTRUCTURE SECTORS: Multiple.A CVSS v3 base score of 7.1 has been assigned the CVSS vector string is ( AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H). Proxy settings are evaluated URL-specific. Update to the latest version of the CodeMeter Runtime.Jokūbas Arsoba reported this vulnerability to Wibu-Systems. The use of a system proxy in CodeMeter for network connections (HTTP and HTTPS) in the context of different functionalities or services (time server update, field update, cloud connection and CmWAN) was revised for Windows and macOS, so that the general system behavior is mapped. The following measures are recommended to reduce the risk until the fixed version can be installed.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |