VDE-2023-032

Vulnerability from csaf_weidmuellerinterfacegmbhcokg - Published: 2023-11-09 07:42 - Updated: 2025-05-22 13:03
Summary
Weidmueller: WIBU Vulnerability in multiple Products
Notes
Summary: Multiple Weidmueller products are affected by a recent WIBU vulnerability.
Impact: An attacker exploiting the vulnerability in WIBU CodeMeter Runtime in server mode could gain full access to the affected server via network access without any user interaction. Exploiting the vulnerability in WIBU CodeMeter Runtime in non-networked workstation mode could lead to a privilege elevation and full admin access on this workstation.
Mitigation: u-create studio: Disabling the network server function within CodeMeter would mitigate the vulnerability. To disable this function, follow these steps:
1. Navigate to the CodeMeter WebAdmin website
2. Select Settings > Server > Server access
3. Choose 'deactivate' in the 'network server' section
4. Click the 'Apply' button at the bottom of the page

Remediation: For the affected **u-control web Controllers** and **IoT-Gateways**, please update the firmware to at least version **2.0.2**. The firmware update can be obtained from [www.weidmueller.com](https://www.weidmueller.com).

For **u-create studio**, please update the **CodeMeter control center** software to at least version **7.60c**. The CodeMeter control center is included in u-create studio and is installed on your computer alongside it. The CodeMeter control center update can be obtained from the **WIBU-SYSTEMS** homepage. Look for **'CodeMeter User Runtime für Windows'** on the WIBU website.

Patched firmware versions for all affected products:

| Product Number | Product Name | Patched in Version |
|----------------|--------------|--------------------|
| 1334950000 | UC20-WL2000-AC (with u-OS) | 2.0.2 |
| 1334990000 | UC20-WL2000-IOT (with u-OS) | 2.0.2 |
| 2682620000 | IOT-GW30 (with u-OS) | 2.0.2 |
| 2682630000 | IOT-GW30-4G-EU (with u-OS) | 2.0.2 |
| 2660130000 | u-create studio with CodeMeter control center | 7.60c |

A heap buffer overflow vulnerability in the Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access to the host system.

CWE-787 - Out-of-bounds Write
Acknowledgments
CERT@VDE certvde.com

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple Weidmueller products are affected by recent WIBU vulnerability.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "An attacker exploiting the vulnerability in WIBU CodeMeter Runtime in server mode could gain full access to the affected server via network access without any user interaction.\nExploiting the\u00a0vulnerability in WIBU CodeMeter Runtime in non-networked workstation mode could lead to a privilege elevation and full admin access on this workstation.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "u-create studio:\nDisabling the network server function within CodeMeter would mitigate the vulnerability. To disable this function\nplease refer to the following steps:\n\n1. Navigate to the CodeMeter WebAdmin Website\n2. Select option Settings \u003e Server \u003e Server access\n3. Choose option \u0027deactivate\u0027 in section \u0027network server\u0027\n4. Click \u0027Apply\u0027 button on the bottom of the website",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "For the affected **u-control web Controllers** and **IoT-Gateways**, please update the firmware to at least version **2.0.2**.  \nThe firmware update can be obtained from [www.weidmueller.com](https://www.weidmueller.com).\n\nFor **u-create studio**, please update the **CodeMeter control center** software to at least version **7.60c**.  \nThe Codemeter control center is included in u-create studio and is installed on your computer in parallel.  \nThe Codemeter control center update can be obtained from the **WIBU-SYSTEMS** homepage.  \nLook for **\u0027CodeMeter User Runtime f\u00fcr Windows\u0027** on the WIBU website.\n\nFind below appropriate patched firmware versions for all affected products:\n\n| Product Number | Product Name                                      | Patched in Version |\n|----------------|---------------------------------------------------|---------------------|\n| 1334950000     | UC20-WL2000-AC (with u-OS)                        |  2.0.2             |\n| 1334990000     | UC20-WL2000-IOT (with u-OS)                       |  2.0.2             |\n| 2682620000     | IOT-GW30 (with u-OS)                              |  2.0.2             |\n| 2682630000     | IOT-GW30-4G-EU (with u-OS)                        |  2.0.2             |\n| 2660130000     | u-create studio with CodeMeter control center    |  7.60c             |",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@weidmueller.com",
      "name": "Weidmueller Interface GmbH \u0026 Co. KG",
      "namespace": "https://www.weidmueller.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2023-032: Weidmueller: WIBU Vulnerability in multiple Products - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2023-032/"
      },
      {
        "category": "self",
        "summary": "VDE-2023-032: Weidmueller: WIBU Vulnerability in multiple Products - CSAF",
        "url": "https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-032.json"
      },
      {
        "category": "external",
        "summary": "Weidmueller PSIRT",
        "url": "https://www.weidmueller.com/int/solutions/solutions/industrial_security/index.jsp"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Weidmueller Interface GmbH \u0026 Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/weidmueller/"
      }
    ],
    "title": "Weidmueller: WIBU Vulnerability in multiple Products",
    "tracking": {
      "aliases": [
        "VDE-2023-032"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2025-05-05T12:10:06.840Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.24"
        }
      },
      "id": "VDE-2023-032",
      "initial_release_date": "2023-11-09T07:42:00.000Z",
      "revision_history": [
        {
          "date": "2023-11-09T07:42:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "2",
          "summary": "Fix: quotation mark"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version",
                    "name": "2.0.0",
                    "product": {
                      "name": "IOT-GW30-4G-EU (with u-OS) 2.0.0",
                      "product_id": "CSAFPID-51001",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2682630000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.0.1",
                    "product": {
                      "name": "IOT-GW30-4G-EU (with u-OS) 2.0.1",
                      "product_id": "CSAFPID-51002",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2682630000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.0.2",
                    "product": {
                      "name": "IOT-GW30-4G-EU (with u-OS) 2.0.2",
                      "product_id": "CSAFPID-52001"
                    }
                  }
                ],
                "category": "product_name",
                "name": "IOT-GW30-4G-EU (with u-OS)"
              },
              {
                "branches": [
                  {
                    "category": "product_version",
                    "name": "2.0.0",
                    "product": {
                      "name": "IOT-GW30 (with u-OS) 2.0.0",
                      "product_id": "CSAFPID-51003",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2682620000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.0.1",
                    "product": {
                      "name": "IOT-GW30 (with u-OS) 2.0.1",
                      "product_id": "CSAFPID-51004",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2682620000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.0.2",
                    "product": {
                      "name": "IOT-GW30 (with u-OS) 2.0.2",
                      "product_id": "CSAFPID-52002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "IOT-GW30 (with u-OS)"
              },
              {
                "branches": [
                  {
                    "category": "product_version",
                    "name": "2.0.0",
                    "product": {
                      "name": "UC20-WL2000-AC (with u-OS) 2.0.0",
                      "product_id": "CSAFPID-51005",
                      "product_identification_helper": {
                        "model_numbers": [
                          "1334950000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.0.1",
                    "product": {
                      "name": "UC20-WL2000-AC (with u-OS) 2.0.1",
                      "product_id": "CSAFPID-51006",
                      "product_identification_helper": {
                        "model_numbers": [
                          "1334950000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.0.2",
                    "product": {
                      "name": "UC20-WL2000-AC (with u-OS) 2.0.2",
                      "product_id": "CSAFPID-52003"
                    }
                  }
                ],
                "category": "product_name",
                "name": "UC20-WL2000-AC (with u-OS)"
              },
              {
                "branches": [
                  {
                    "category": "product_version",
                    "name": "2.0.0",
                    "product": {
                      "name": "UC20-WL2000-IOT (with u-OS) 2.0.0",
                      "product_id": "CSAFPID-51007",
                      "product_identification_helper": {
                        "model_numbers": [
                          "1334990000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.0.1",
                    "product": {
                      "name": "UC20-WL2000-IOT (with u-OS) 2.0.1",
                      "product_id": "CSAFPID-51008",
                      "product_identification_helper": {
                        "model_numbers": [
                          "1334990000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.0.2",
                    "product": {
                      "name": "UC20-WL2000-IOT (with u-OS) 2.0.2",
                      "product_id": "CSAFPID-52004"
                    }
                  }
                ],
                "category": "product_name",
                "name": "UC20-WL2000-IOT (with u-OS)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=4.2.4",
                    "product": {
                      "name": "u-create studio \u003c= 4.2.4",
                      "product_id": "CSAFPID-51009",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2660130000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "7.60c",
                    "product": {
                      "name": "u-create studio 7.60c",
                      "product_id": "CSAFPID-52005",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2660130000"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "u-create studio"
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "Weidm\u00fcller"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-51001",
          "CSAFPID-51002",
          "CSAFPID-51003",
          "CSAFPID-51004",
          "CSAFPID-51005",
          "CSAFPID-51006",
          "CSAFPID-51007",
          "CSAFPID-51008",
          "CSAFPID-51009"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-52001",
          "CSAFPID-52002",
          "CSAFPID-52003",
          "CSAFPID-52004",
          "CSAFPID-52005"
        ],
        "summary": "Fixed products."
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-3935",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "description",
          "text": "A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-52001",
          "CSAFPID-52002",
          "CSAFPID-52003",
          "CSAFPID-52004",
          "CSAFPID-52005"
        ],
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002",
          "CSAFPID-51003",
          "CSAFPID-51004",
          "CSAFPID-51005",
          "CSAFPID-51006",
          "CSAFPID-51007",
          "CSAFPID-51008",
          "CSAFPID-51009"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "u-create studio:\nDisabling the network server function within CodeMeter would mitigate the vulnerability. To disable this function\nplease refer to the following steps:\n\n1. Navigate to the CodeMeter WebAdmin Website\n2. Select option Settings \u003e Server \u003e Server access\n3. Choose option \u0027deactivate\u0027 in section \u0027network server\u0027\n4. Click \u0027Apply\u0027 button on the bottom of the website",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "For the affected **u-control web Controllers** and **IoT-Gateways**, please update the firmware to at least version **2.0.2**.  \nThe firmware update can be obtained from [www.weidmueller.com](https://www.weidmueller.com).\n\nFor **u-create studio**, please update the **CodeMeter control center** software to at least version **7.60c**.  \nThe Codemeter control center is included in u-create studio and is installed on your computer in parallel.  \nThe Codemeter control center update can be obtained from the **WIBU-SYSTEMS** homepage.  \nLook for **\u0027CodeMeter User Runtime f\u00fcr Windows\u0027** on the WIBU website.\n\nFind below appropriate patched firmware versions for all affected products:\n\n| Product Number | Product Name                                      | Patched in Version |\n|----------------|---------------------------------------------------|---------------------|\n| 1334950000     | UC20-WL2000-AC (with u-OS)                        |  2.0.2             |\n| 1334990000     | UC20-WL2000-IOT (with u-OS)                       |  2.0.2             |\n| 2682620000     | IOT-GW30 (with u-OS)                              |  2.0.2             |\n| 2682630000     | IOT-GW30-4G-EU (with u-OS)                        |  2.0.2             |\n| 2660130000     | u-create studio with CodeMeter control center    |  7.60c             |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002",
            "CSAFPID-51003",
            "CSAFPID-51004",
            "CSAFPID-51005",
            "CSAFPID-51006",
            "CSAFPID-51007",
            "CSAFPID-51008",
            "CSAFPID-51009"
          ]
        }
      ],
      "title": "CVE-2023-3935"
    }
  ]
}

