CVE-2021-20094

CWE-125Out-of-bounds Read3 documents3 sources
Severity
7.5HIGH
EPSS
6.8%
top 8.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Wibu Codemeter
Timeline
PublishedJun 16
Latest updateMay 24

Description

A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5wibu-systems_codemeter< 7.21a
NVDwibu/codemeter< 7.21a

Patches

Patch: cert-portal.siemens.comPatch: www.tenable.comPatch: cert-portal.siemens.com

🔴Vulnerability Details

2
GHSA
GHSA-fm8v-xp26-8h3q: A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 72022-05-24
CVEList
CVE-2021-20094: A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 72021-06-16