Vulnerability in Wibu Codemeter

CVE-2020-14517

Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow a…

EPSS: 0.007 (47.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

  • Wibu Codemeter
  • N/a Codemeter — versions All versions prior to 6.90, including Version 6.90 or newer only if CodeMeter Runtime is running as server.

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2020-14517?
CVE-2020-14517 is a critical-severity vulnerability in Wibu Codemeter, classified under Inadequate Encryption Strength. CVSS score: 9.8/10. Published 2020-09-16.
How severe is CVE-2020-14517?
Critical severity. CVSS v3 base score is 9.8 out of 10.