CVE-2020-14509

CWE-8053 documents3 sources

Severity

9.8CRITICAL

EPSS

0.3%

top 48.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wibu Codemeter

Timeline

PublishedSep 16

Latest updateMay 24

Description

Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDwibu/codemeter< 7.10

▶CVEListV5codemeterAll versions prior to 7.10

🔴Vulnerability Details

GHSA

GHSA-w97r-xg4x-xx2r: Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7↗2022-05-24

▶

CVEList

CVE-2020-14509: Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7↗2020-09-16

▶