CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-14515

CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor. Only CmActLicense update files with CmActLicense Firm Code are affected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-203-01
https://us-cert.cisa.gov/ics/advisories/icsa-20-203-01

Products affected by CVE-2020-14515

Wibu » Codemeter » Version: N/A

cpe:2.3:a:wibu:codemeter:-
Wibu » Codemeter » Version: 6.50a

cpe:2.3:a:wibu:codemeter:6.50a
Wibu » Codemeter » Version: 6.81

cpe:2.3:a:wibu:codemeter:6.81

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14515

Products

Pricing

Contact Us