Advisory

Critical Wibu Systems license management flaw impacts multiple products

Take action: Review your tools and check whether any of them use the Wibu Systems license manager. You may need to rush an update. There was a similar issue with Apache RocketMQ, where users overlooked that it is part of other products they use. RocketMQ is actively hacked. Don't let your software running Wibu be a target as well.


Learn More

A severe flaw in the software license management platform from Germany-based Wibu Systems has prompted its downstream clients to release patches.

This vulnerability, tracked as CVE-2023-3935 (CVSS score 9.8), was reported in August 2023. It allows an unauthenticated, remote attacker to achieve remote code execution (RCE) and gain complete control of the host system. Many products that use the software, including Rockwell Automation's Studio 5000 Logix Designer, popular for creating and monitoring Programmable Logic Controller systems, have only recently started addressing this risk.

Other affected software includes a range of CAD/CAM tools from TRUMPF, and products from Leica Microsystems, known for high-end microscopes, which issued a fix in December.
