Back to overview

PHOENIX CONTACT: Multiple Vulnerabilities in MEVIEW3

VDE-2019-003
Last update
05/14/2025 15:00
Published at
03/05/2019 11:35
Vendor(s)
Phoenix Contact GmbH & Co. KG
External ID
VDE-2019-003
CSAF Document
Download

Summary

Multiple vulnerabilities for MEVIEW3 have been identified in PHOENIX CONTACT MEVIEW3, versions below 3.14.25 and 3.15.18

Impact

Remote Code Execution Vulnerability:
WIBU-SYSTEMS WibuKey network server management remote code execution vulnerability. The vulnerability affects all operating systems...

Privilege Escalation Vulnerability:
WIBU-SYSTEMS WibuKey.sys pool has a corruption privilege escalation vulnerability. The vulnerability affects Windows systems...

Affected Product(s)

Model no. Product name Affected versions
MEVIEW3 Firmware <3.14.25, Firmware <3.15.18

Vulnerabilities

Expand / Collapse all

Published
09/22/2025 14:57
Severity
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119)
Summary

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:57
Severity
7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness
Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119)
Summary

An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:57
Severity
5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weakness
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
Summary

An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.

References
cve.org | nvd.nist.gov

Mitigation

  1. Dongle based licensing:
    Update WibuKey Runtime to version 6.50. See: WIBU-SYSTEMS Download Page

  2. Hardwarecode-based licensing:
    Removing the WibuKey application.

For further information please refer to:
WIBU-SYSTEMS Support Documentation

Remediation

WibuKey Runtime Version 6.50 will be integrated in the next version MEVIEW3 (3.14.25 & 3.15.18).

Revision History

Version Date Summary
1 03/05/2019 11:35 Initial revision.
2 11/06/2024 12:27 Fix: correct certvde domain, added alias, added self-reference
3 05/14/2025 15:00 Fix: added distribution