Security Vulnerabilities in CodeMeter Runtime (10/2023)

Description

dSPACE were informed by WIBU Systems, the supplier of the CodeMeter license technology used by dSPACE, about problems in the CodeMeter Runtime that were classified as a potential security risk.

These vulnerabilities potentially affect

  • all systems with CodeMeter installation​​​​​​​. 

According to WIBU Systems, a malicious proxy can exploit a bug in the implemented handshake to cause a buffer overflow. If no SOCKS5 proxy has been configured, there is no attack surface.

Detailed information is available in the Product Security Advisory WIBU-231017-01 (2023-10-27) provided by WIBU Systems under the following link. This information can also be used to determine the individual risk.

CodeMeter Update

The vulnerabilities were closed by WIBU Systems with CodeMeter version 7.60d. This new version has been tested and released by dSPACE.

Based on the result of your individual risk determination dSPACE recommends the update to the current CodeMeter version published at here for all CodeMeter installations.

 

The updated version is available here.

CodeMeter Version Check

 

You find your current CodeMeter Runtime version under Windows 10 System Settings - Apps & features. 

Tags
Date 2023-11-07
Produit dSPACE Installation Manager
Type d’information Patches
Catégorie d’information Installation et licence, Product Security
Release dSPACE 2023-A, 2022-B, 2022-A, 2021-B, 2021-A, 2020-B, 2020-A, 2019-B, 2019-A, 2018-B, 2018-A, 2017-B

Faire avancer l'innovation. Toujours à la pointe de l'évolution technologique.

S’abonner à nos newsletters, gérer ses abonnements ou se désabonner. La newsletter mensuelle contenant toutes les informations liées à l’aéronautique et défense.

Enable form call

At this point, an input form from Click Dimensions is integrated. This enables us to process your newsletter subscription. The form is currently hidden due to your privacy settings for our website.

External input form

By activating the input form, you consent to personal data being transmitted to Click Dimensions within the EU, in the USA, Canada or Australia. More on this in our privacy policy.