Summary
The TRUMPF CAD/CAM software tools mentioned above use the vulnerable CodeMeter Runtime (up to version 7.60b) application from WIBU-SYSTEMS AG to manage licenses within the component TRUMPF License Expert. This CodeMeter application contains new vulnerabilities, which may enable an attacker to gain full access to the server or workstation on which the TRUMPF License Expert has been installed on. A new version of the TRUMPF License Expert which fixes this vulnerability is available.Machines with a running and correctly installed mGuard hardware firewall cannot be exploited by this vulnerability if used as intended (according to the manual).
Update A, 2023-11-13
Removed CVE-2023-4701 because it was revoked.
Impact
An attacker exploiting the vulnerability in WIBU CodeMeter Runtime in server mode could gain full access to the affected server via network access without any user interaction.
Exploiting the vulnerability in WIBU CodeMeter Runtime in non-networked workstation mode could lead to a privilege elevation and full access on this workstation for an already authenticated user (logged in locally to the PC).
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| MonitoringAnalyzer | V1.0<=V1.3 | |
| Oseon | V1.0.0<=V3.0.22 | |
| ProgrammingTube | V1.0.1<=V4.6.3 | |
| TecZoneBend | V18.02.R8<=V23.06.01 | |
| ToPsCalculation | V14.00<=V22.00.00 | |
| Tops Unfold | V05.03.00.00 | |
| TruTops | V08.00<=V12.01.00.00 | |
| TruTops Cell Classic | <=V09.09.02 | |
| TruTops Cell SW48 | V01.00<=V02.26.0 | |
| TruTops Mark 3D | V01.00<=V06.01 | |
| TruTopsBoost | V06.00.23.00<=V16.0.22 | |
| TruTopsFab (inkl.TruTops Monitor) | V15.00.23.00<=V22.8.25 | |
| TruTopsFab_Storage_SmallStore | V14.06.20<=V20.04.20.00 | |
| TruTopsPrint | V00.06.00<=V01.00 | |
| TruTopsPrintMultilaserAssistant | >=V01.02 | |
| TruTopsWeld | V7.0.198.241<=V9.0.28148.1 | |
| TrumpfLicenseExpert | V1.5.2<=V1.11.1 | |
| TubeDesign | V08.00<=V14.06.150 |
Vulnerabilities
Expand / Collapse allA heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
Mitigation
Implement general security best practices like network segmentation, endpoint protection and system hardening.
Restrict network access to the TRUMPF License Expert server component to required clients only by using firewalls or other suitable products.
Remediation
Get the latest version of the TRUMPF License Expert software (>= V2.0.0) at trumpf.com/de_DE/produkte/software/software-lizenzierung and install it on all affected servers and workstations.
Acknowledgments
Trumpf SE + Co. KG thanks the following parties for their efforts:
- CERT@VDE for coordination (see https://certvde.com )
Revision History
| Version | Date | Summary |
|---|---|---|
| 1 | 09/13/2023 12:00 | Initial revision. |
| 2 | 11/13/2023 12:00 | Update A |