WIBU SYSTEMS AG WibuKey Digital Rights Management (Update D) (ICSA-19-043-03) – Product Used in the Energy Sector

Author: Charles Egli

Created: Thursday, May 16, 2019 - 1:10

Categories: Cybersecurity

May 14, 2019

The NCCIC has updated this advisory with additional information on the technical details of the vulnerability and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

April 9, 2019

The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

March 13, 2019

The NCCIC has updated this advisory with additional information on the technical details of the affected products, the sectors affected, and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

February 14, 2019

The NCCIC has updated this advisory with additional information on the nature of the vulnerabilities. Read the advisory at NCCIC/ICS-CERT.

February 12, 2019

The NCCIC has published an advisory on information exposure, out-of-bounds write, and heap based buffer vulnerabilities in Siemens Licensing Software for SICAM 230. All versions prior to 7.20 are affected. Successful exploitation of these vulnerabilities may allow information disclosure, privilege escalation, or remote code execution. Siemens recommends users upgrade to WibuKey Digital Rights Management (DRM) Version 6.50 or higher from WIBU SYSTEMS AG. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. Read the advisory at NCCIC/ICS-CERT.