Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2020-14517
CVE-2020-14517:
Wibu-Systems CodeMeter vulnerability analysis and mitigation
Overview
The vulnerability (CVE-2020-14517) affects CodeMeter, a license manager owned by Wibu-Systems that is used by many industrial control system (ICS) software vendors, including Rockwell Automation and Siemens. The vulnerability is related to inadequate encryption strength in the CodeMeter protocol, affecting all versions prior to 6.90, and version 6.90 or newer if CodeMeter Runtime is running as server. The vulnerability was discovered by Sharon Brizinov and Tal Keren of Claroty and disclosed in September 2020 (CISA Advisory).
Technical details
The vulnerability is characterized by easily breakable protocol encryption, where the server accepts external connections, potentially allowing attackers to remotely communicate with the CodeMeter API. The vulnerability has been assigned a CVSS v3 base score of 9.4, with the vector string (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H), indicating its critical severity level (CISA Advisory).
Impact
Successful exploitation of this vulnerability could allow attackers to remotely communicate with the CodeMeter API, potentially leading to unauthorized access to critical systems. The vulnerability could enable attackers to alter and forge license files, cause denial-of-service conditions, and potentially achieve remote code execution (Threatpost, CISA Advisory).
Mitigation and workarounds
Wibu-Systems recommends updating to the latest version of the CodeMeter Runtime (version 7.10), running CodeMeter only as client, utilizing the new REST API instead of the internal WebSockets API, disabling the WebSockets API, and applying AxProtector. Additionally, CISA recommends minimizing network exposure for all control system devices, ensuring they are not accessible from the Internet, and locating control system networks behind firewalls isolated from the business network (CISA Advisory).
Community reactions
The vulnerability affected multiple critical infrastructure sectors worldwide, with many major ICS vendors including ABB, Bosch, CODESYS, Rockwell, and Siemens issuing their own security advisories in response. The discovery of this vulnerability, along with other related CodeMeter vulnerabilities, raised significant concerns in the industrial control systems security community (Threatpost).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management