CVE-2020-14513
published 2020-09-16CVE-2020-14513: CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields.
PriorityP339high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.56%
72.2th percentile
CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wibu | codemeter | < 6.81 | 6.81 |
| wibu | codemeter | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
CODESYS in Festo Automation Suite
cisa_ics·2026-03-17
CODESYS in Festo Automation Suite
ICS Advisory
##
CODESYS in Festo Automation Suite
Release DateMarch 17, 2026
Alert CodeICSA-26-076-01
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## Summary
3. TECHNICAL DETAILS
The following versions of CODESYS in Festo Automation Suite are affected:
- FESTO Software Festo Automation Suite (versions prior to 2.8.0.138) installed with CODESYS Software CODESYS Development System (3.0) vers:all/*
- FESTO Software Festo Automation Suite (versions prior to 2.8.0.138) installed with CODESYS Software CODESYS Development System (3.5.16.10) vers:all/*
- FESTO Software Festo Automation Suite (2.8.0.137) installed with CODESYS Software CODESYS Development System (3.0) vers:all/*
- FESTO Software Festo Automation
CISA ICS
Wibu-Systems CodeMeter (Update F)
cisa_ics·2021-02-11·CVSS 9.8
[CRITICAL] Wibu-Systems CodeMeter (Update F)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Wibu-Systems CodeMeter (Update F)
Last RevisedMarch 10, 2022
Alert CodeICSA-20-203-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Wibu-Systems AG
- Equipment: CodeMeter
- Vulnerabilities: Buffer Access with Incorrect Length Value, Inadequate Encryption Strength, Origin Validation Error, Improper Input Validation, Improper Verification of Cryptographic Signature, Improper Resource Shutdown or Release
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-20-203-01 Wibu-Sys
GHSA
GHSA-mhc5-f7x7-jfpg: CodeMeter (All versions prior to 6
ghsa_unreviewed·2022-05-24
CVE-2020-14513 [HIGH] GHSA-mhc5-f7x7-jfpg: CodeMeter (All versions prior to 6
CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields.
No detection rules found.
No public exploits indexed.
2020-09-16
Published