Security Vulnerabilities in CodeMeter Runtime (10/2023)
Description
dSPACE were informed by WIBU Systems, the supplier of the CodeMeter license technology used by dSPACE, about problems in the CodeMeter Runtime that were classified as a potential security risk.
These vulnerabilities potentially affect
- all systems with CodeMeter installation.
According to WIBU Systems, a malicious proxy can exploit a bug in the implemented handshake to cause a buffer overflow. If no SOCKS5 proxy has been configured, there is no attack surface.
Detailed information is available in the Product Security Advisory WIBU-231017-01 (2023-10-27) provided by WIBU Systems under the following link. This information can also be used to determine the individual risk.
CodeMeter Update
The vulnerabilities were closed by WIBU Systems with CodeMeter version 7.60d. This new version has been tested and released by dSPACE.
Based on the result of your individual risk determination dSPACE recommends the update to the current CodeMeter version published at here for all CodeMeter installations.
CodeMeter Version Check
You find your current CodeMeter Runtime version under Windows 10 System Settings - Apps & features.
| Date | 2023-11-07 |
| 제품군 | dSPACE Installation Manager |
| 인포메이션 타입 | 패치 |
| 인포메이션 카테고리 | Installation and Licensing, Product Security |
| dSPACE Release | 2023-A, 2022-B, 2022-A, 2021-B, 2021-A, 2020-B, 2020-A, 2019-B, 2019-A, 2018-B, 2018-A, 2017-B |
혁신을 추진하세요. 항상 기술 개발의 동향을 주시해야 합니다.
저희 전문 지식 서비스에 가입하세요. dSPACE의 성공적인 프로젝트 사례를 확인해 보세요. 시뮬레이션 및 검증에 대한 최신 정보를 받아보세요. 지금 바로 dSPACE 다이렉트(뉴스레터)를 구독하세요.