Wibu-Systems CodeMeter is a technology that provides comprehensive software protection, licensing and security solutions. It offers an all-in-one platform that safeguards software publishers and intelligent device manufacturers against piracy, counterfeiting, reverse engineering, and tampering. CodeMeter combines the functionalities of encryption, licensing, and hardware anchoring to offer a secure system for protecting digital assets.

Wibu-Systems CodeMeter

CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CodeMeter Runtime Server service to inject malicious code that would execute with LocalSystem permissions.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2021-20093	CRITICAL	9.1	Wibu-Systems CodeMeter	cpe:2.3:a:wibu:codemeter	No	Yes	Jun 16, 2021
CVE-2020-37017	HIGH	8.5	Wibu-Systems CodeMeter	cpe:2.3:a:wibu:codemeter	No	Yes	Jan 29, 2026
CVE-2025-47809	HIGH	8.2	Wibu-Systems CodeMeter	cpe:2.3:a:wibu:codemeter	No	Yes	May 16, 2025
CVE-2021-20094	HIGH	7.5	Wibu-Systems CodeMeter	cpe:2.3:a:wibu:codemeter	No	Yes	Jun 16, 2021
CVE-2020-16233	HIGH	7.5	Wibu-Systems CodeMeter	cpe:2.3:a:wibu:codemeter	No	Yes	Sep 16, 2020

CVE-2020-37017:
Wibu-Systems CodeMeter vulnerability analysis and mitigation

8.5

Related Wibu-Systems CodeMeter vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2020-37017: Wibu-Systems CodeMeter vulnerability analysis and mitigation