Share: Email | Twitter

ID

VDE-2023-031

Published

2023-09-13 12:00 (CEST)

Last update

2023-09-13 15:16 (CEST)

Vendor(s)

Trumpf SE
TRUMPF Laser GmbH
TRUMPF Werkzeugmaschinen SE + Co. KG

Product(s)

Article No┬░ Product Name Affected Version(s)
MonitoringAnalyzer V1.0 <= V1.3
Oseon V1.0.0 <= V3.0.22
ProgrammingTube V1.0.1 <= V4.6.3
TecZoneBend V18.02.R8 <= V23.06.01
ToPsCalculation V14.00 <= V22.00.00
Tops Unfold = V05.03.00.00
TrumpfLicenseExpert V1.5.2 <= V1.11.1
TruTops V08.00 <= V12.01.00.00
TruTopsBoost V06.00.23.00 <= V16.0.22
TruTops Cell Classic <= V09.09.02
TruTops Cell SW48 V01.00 <= V02.26.0
TruTopsFab (inkl.TruTops Monitor) V15.00.23.00 <= V22.8.25
TruTopsFab_Storage_SmallStore V14.06.20 <= V20.04.20.00
TruTops Mark 3D V01.00 <= V06.01
TruTopsPrint V00.06.00 <= V01.00
TruTopsPrintMultilaserAssistant >= V01.02
TruTopsWeld V7.0.198.241 <= V9.0.28148.1
TubeDesign V08.00 <= V14.06.150

Summary

The TRUMPF CAD/CAM software tools mentioned above use the vulnerable CodeMeter Runtime (up to version 7.60b) application from WIBU-SYSTEMS AG to manage licenses within the component TRUMPF License Expert. This CodeMeter application contains new vulnerabilities, which may enable an attacker to gain full access to the server or workstation on which the TRUMPF License Expert has been installed on. A new version of the TRUMPF License Expert which fixes this vulnerability is available.
Machines with a running and correctly installed mGuard hardware firewall cannot be exploited by this vulnerability if used as intended (according to the manual).

Vulnerabilities



Last Update
Sept. 19, 2023, 8:50 a.m.
Weakness
Out-of-bounds Write (CWE-787)
Summary

A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.

Last Update
Sept. 19, 2023, 9:01 a.m.
Weakness
Improper Privilege Management (CWE-269)
Summary

A Improper Privilege Management vulnerability through an incorrect use of privileged APIs in CodeMeter Runtime versions prior to 7.60c allow a local, low privileged attacker to use an API call for escalation of privileges in order gain full admin access on the host system.

Impact

An attacker exploiting the vulnerabilities in WIBU CodeMeter Runtime in server mode could gain full access to the affected server via network access without any user interaction.

Exploiting the vulnerabilities in WIBU CodeMeter Runtime in non-networked workstation mode could lead to a privilege elevation and full access on this workstation for an already authenticated user (logged in locally to the PC).

Solution

Mitigation

  • Implement general security best practices like network segmentation, endpoint protection and system hardening.
  • Restrict network access to the TRUMPF License Expert server component to required clients only by using firewalls or other suitable products.

Remediation

Get the latest version of the TRUMPF License Expert software (>= V2.0.0) at trumpf.com/de_DE/produkte/software/software-lizenzierung and install it on all affected servers and workstations.

Reported by

CERT@VDE coordinated with TRUMPF