CVE-2014-8419

CWE-2643 documents3 sources

Severity

7.2HIGH

EPSS

0.0%

top 90.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wibu Codemeter Runtime

Timeline

PublishedNov 26

Latest updateMay 14

Description

Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDwibu/codemeter_runtime5.10c

🔴Vulnerability Details

GHSA

GHSA-73m9-q5p6-vhgf: Wibu-Systems CodeMeter Runtime before 5↗2022-05-14

▶

CVEList

CVE-2014-8419: Wibu-Systems CodeMeter Runtime before 5↗2014-11-26

▶