CVE-2023-3935

Published Sep 13, 2023
Last updated 10 months ago
CVSS critical 9.8
Overview

Description: A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
Source: info@cert.vde.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL
Weaknesses

nvd@nist.gov: CWE-787
info@cert.vde.com: CWE-787
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wibu:codemeter_runtime:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F783582-7E13-457E-96E9-8FD2D58580F5",
            "versionEndExcluding": "7.60c"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:trumpf:oseon:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BCF0613-5F59-4DAA-9DDB-A9322892353A",
            "versionEndIncluding": "3.0.22",
            "versionStartIncluding": "1.0.0"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:programmingtube:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9648C643-3213-4D0B-A3E0-6C4A092E8DAE",
            "versionEndIncluding": "4.6.3",
            "versionStartIncluding": "1.0.1"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:teczonebend:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56F0DB5E-5F18-4DA4-9488-242351FE5994",
            "versionEndIncluding": "23.06.01",
            "versionStartIncluding": "18.02.r8"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:tops_unfold:05.03.00.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "926A92BB-2001-4176-9F73-F7F40F4D58CE"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:topscalculation:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "903A6767-5E6D-4E98-A756-A3FC99BAF13F",
            "versionEndIncluding": "22.00.00",
            "versionStartIncluding": "14.00"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trumpflicenseexpert:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54F8DF4D-3C69-4117-88A4-9C0F6838C7DD",
            "versionEndIncluding": "1.11.1",
            "versionStartIncluding": "1.5.2"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutops:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8360F8C5-1F88-420F-91B2-C75EC8A97A0C",
            "versionEndIncluding": "12.01.00.00",
            "versionStartIncluding": "08.00"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutops_cell_classic:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3240055F-E26E-4BE9-89A9-D50A6FA5E8F1",
            "versionEndIncluding": "09.09.02"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutops_cell_sw48:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CD0343C-7A91-4CF7-B70B-CB2569FFE679",
            "versionEndIncluding": "02.26.0",
            "versionStartIncluding": "01.00"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutops_mark_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB6D30E6-031C-4104-A573-2FD3773E1CDF",
            "versionEndIncluding": "06.01",
            "versionStartIncluding": "01.00"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutopsboost:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B55ED3C4-B111-4A8C-BB9F-A50FCCC38432",
            "versionEndIncluding": "16.0.22",
            "versionStartIncluding": "06.00.23.00"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutopsfab:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4180D87-1915-4868-9328-D310282DD7C4",
            "versionEndIncluding": "22.8.25",
            "versionStartIncluding": "15.00.23.00"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutopsfab_storage_smallstore:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C7823FE-A87C-494B-AB35-AB2830884282",
            "versionEndIncluding": "20.04.20.00",
            "versionStartIncluding": "14.06.20"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutopsprint:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A257AA96-76DA-47CC-A3BA-3CCFB719C62E",
            "versionEndIncluding": "01.00",
            "versionStartIncluding": "00.06.00"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutopsprintmultilaserassistant:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "607CE0A6-C1CB-4B30-A7C7-FFEDF8DB0DA1",
            "versionStartIncluding": "01.02"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:trutopsweld:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1561DCB8-AEAF-45A8-9F6F-EEB6A49452C9",
            "versionEndIncluding": "9.0.28148.1",
            "versionStartIncluding": "7.0.198.241"
          },
          {
            "criteria": "cpe:2.3:a:trumpf:tubedesign:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D88C313D-95E2-44EA-A895-F4CA659A5846",
            "versionEndIncluding": "14.06.150",
            "versionStartIncluding": "08.00"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:phoenixcontact:activation_wizard:*:*:*:*:*:moryx:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8198A71-1EA7-4DAC-8D4F-EB646A0DC635",
            "versionEndIncluding": "1.6"
          },
          {
            "criteria": "cpe:2.3:a:phoenixcontact:e-mobility_charging_suite:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B2B109F-41E0-4CC9-9F9F-F1AD06E1EA77",
            "versionEndIncluding": "1.7.0"
          },
          {
            "criteria": "cpe:2.3:a:phoenixcontact:fl_network_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8751F63-3D03-434A-BF4E-67320F6672FD",
            "versionEndIncluding": "7.0"
          },
          {
            "criteria": "cpe:2.3:a:phoenixcontact:iol-conf:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "907E5EB3-8346-4371-9CFF-0F885CC0529E",
            "versionEndIncluding": "1.7.0"
          },
          {
            "criteria": "cpe:2.3:a:phoenixcontact:module_type_package_designer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9659319-4AEC-4112-9EAC-7892C0A37AA8",
            "versionEndExcluding": "1.2.0"
          },
          {
            "criteria": "cpe:2.3:a:phoenixcontact:module_type_package_designer:1.2.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB44DD6D-7685-4346-91BC-30CB9531982A"
          },
          {
            "criteria": "cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "170FABD2-23D5-4885-AA09-B4130F945564",
            "versionEndIncluding": "2023.6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
