Advisories | CERT@VDE

1
2 (current)

2020-10-27 11:28 VDE-2020-039

TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities

A number of TRUMPF CAD/CAM software tools use the CodeMeter Runtime application from WIBU-SYSTEMS AG to manage licences. This application contains a number of vulnerabilities, which enable an attacker to prevent normal operation of CodeMeter, resulting in a Denial-of-Service and potentially execute arbitrary code.

CVE-2020-14509: 9.8

CVE-2020-14517: 9.8

CVE-2020-16233: 7.5

CVE-2020-14519: 7.5

CVE-2020-14513: 7.5

CVE-2020-14515: 7.5

1
2 (current)

Feeds

RSS / Atom

By Vendor

ADS-TEC Industrial IT (3)

Auma (4)

Beckhoff (14)

Bender (2)

CODESYS (18)

Endress+Hauser (12)

Festo (12)

Festo Didactic (7)

Frauscher (3)

Carlo Gavazzi Controls (1)

Helmholz (12)

HIMA (2)

ifm (3)

Innominate (2)

Lenze (3)

MB connect line (12)

Miele (4)

M&M Software (1)

Pepperl+Fuchs (32)

PHOENIX CONTACT (91)

Pilz (13)

Red Lion Europe (4)

SMA (4)

SWARCO (1)

TECSON/GOK (1)

TRUMPF SE (4)

TRUMPF Laser (8)

TRUMPF Werkzeugmaschinen (9)

VARTA Storage (1)

VMT (1)

WAGO (63)

Weidmueller (12)

Welotec (3)

Wiesemann & Theis (3)

Archive

2025

April (4)
March (8)
February (4)
January (5)

2024

December (4)
November (3)
October (8)
September (8)
August (9)
July (7)
June (4)
May (4)
April (3)
March (2)
February (6)
January (7)

2023

December (14)
November (5)
October (5)
September (5)
August (13)
July (5)
June (3)
May (4)
April (1)
March (3)
February (3)
January (2)

2022

December (5)
November (10)
October (5)
September (7)
August (4)
July (4)
June (7)
May (3)
April (11)
March (5)
January (5)

2021

December (2)
November (6)
October (5)
September (2)
August (10)
July (3)
June (9)
May (6)
April (2)
March (3)
February (3)
January (4)

2020

December (4)
November (3)
October (6)
September (8)
August (1)
July (3)
June (4)
May (2)
March (12)
February (2)

2019

December (2)
October (3)
September (1)
June (4)
May (2)
March (6)
January (1)

2018

October (1)
September (1)
August (2)
July (3)
May (4)
March (1)
February (1)
January (2)

2017

December (2)
November (1)
September (1)
March (1)

Legend

(Scoring for CVSS 2.0,3.0+3.1)

None

No CVE available

Low

0.1 <= 3.9

Medium

4.0 <= 6.9

High

7.0 <= 8.9

Critical

9.0 <= 10.0