What follows is an in-depth description of the approaches researchers took in, first, understanding the CodeMeter licensing scheme in order to eventually parse CodeMeter licenses, modify existing licenses, and even forge valid licenses. Hoping to improve awareness of whether organizations are vulnerable to these flaws, Claroty researchers have published a tool that allows organizations to test whether they’re running a vulnerable version of CodeMeter, and can use that information to make a determination how to move forward with regard to patching. CodeMeter is a widely deployed third-party tool that is integrated into numerous products organizations may not be aware their product has CodeMeter embedded, for example, or may not have a readily available update mechanism.
The larger issue, as is common in the ICS domain, is the unlikelihood of widespread implementation of the respective patches.
All versions of CodeMeter prior to 7.10 are affected by these vulnerabilities in some way. Wibu-Systems has made fixes available for all of the vulnerabilities privately disclosed by Claroty researchers in version 7.10 of CodeMeter. The vulnerabilities range from memory corruption vulnerabilities such as buffer overflows, to cryptographic flaws where the improper encryption strength was used, or cryptographic signatures were improperly validated. Successful exploits could enable either remote code execution or cause a denial-of-service condition affecting the availability of an industrial device or service. These vulnerabilities may be attacked remotely and without authentication, and provide attackers with the equivalent of administrator access to critical systems. It provides a full-scale license management solution and antipiracy protection, in addition to other encryption services that-big picture-act as a security blanket guarding the intellectual property of companies worldwide.Ĭlaroty’s research team has examined this powerful utility because of its large market presence among ICS vendors and found six vulnerabilities that collectively were assessed the highest criticality (10.0) by the Cybersecurity and Infrastructure Security Agency (CISA).
CodeMeter is integrated into products from vendors who have a significant customer presence in industries such as pharmaceuticals, manufacturing, automotive developers, and many others.
Among industrial control system (ICS) vendors, Wibu-Systems AG’s CodeMeter product is fairly ubiquitous. State-of-the art license management solutions protect software vendors and solutions from fraud, illegal distribution, and manipulation of proprietary code.
0 kommentar(er)
