VDE-2026-007

Vulnerability from csaf_trumpfsecokg - Published: 2026-02-23 08:00 - Updated: 2026-02-23 08:00
Summary
TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability
Severity
High
Notes
Summary: The TRUMPF product versions listed below include a Wibu CodeMeter component that is vulnerable to a privilege escalation vulnerability through the CodeMeter installer on Windows.
Impact: The CodeMeter installer on Windows has a vulnerability that, under certain circumstances, allows an escalation of privileges for an unprivileged account. After installation on an unprivileged account with UAC using the built-in administrator account, CodeMeter launches the CodeMeter Control Center with system privileges.
Disclaimer: This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document or materials linked from the document is at your own risk. TRUMPF SE + Co. KG reserves the right to change or update this document at any time.
Remediation: New versions are available for the affected products. These include an updated Wibu CodeMeter (bundled with TRUMPF License Expert). If your installation is affected, the easiest fix is to install the latest TRUMPF License Expert from https://www.trumpf.com/en_INT/products/software/software-licensing/.

| Fixed Product         | Version  |
| --------------------- | -------- |
| TruTops Boost         | 21.00.00 |
| TecZone Bend          | 25.11.1  |
| Oseon                 | 8.00.00  |
| Programming Tube      | 6.9      |
| TruTops Cell          | 2.77.0   |
| TruTops Weld          | 11.0     |
| TRUMPF License Expert | 2.3.2    |

Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import License to a privileged instance of Windows Explorer.

CWE-272 - Least Privilege Violation
Affected products
| Product | Identifier | Version | Remediation |
| ------- | ---------- | ------- | ----------- |
| TruTops Boost 21.00.00 (TRUMPF SE + Co. KG / Software / TruTops Boost) | `cpe:2.3:a:trumpf:trutopsboost:21.0.0:*:*:*:*:*:*:*` | 21.00.00 | |
| TecZone Bend 25.11.1 (TRUMPF SE + Co. KG / Software / TecZone Bend) | `cpe:2.3:a:trumpf:teczonebend:25.11.1:*:*:*:*:*:*:*` | 25.11.1 | |
| Oseon 8.00.00 (TRUMPF SE + Co. KG / Software / Oseon) | `cpe:2.3:a:trumpf:oseon:8.0.0:*:*:*:*:*:*:*` | 8.00.00 | |
| Programming Tube 6.9 (TRUMPF SE + Co. KG / Software / Programming Tube) | `cpe:2.3:a:trumpf:programmingtube:6.9.0:*:*:*:*:*:*:*` | 6.9 | |
| TruTops Cell 2.77.0 (TRUMPF SE + Co. KG / Software / TruTops Cell) | `cpe:2.3:a:trumpf:trutopscell:2.77.0:*:*:*:*:*:*:*` | 2.77.0 | |
| TruTops Weld 11.0 (TRUMPF SE + Co. KG / Software / TruTops Weld) | `cpe:2.3:a:trumpf:trutopsweld:11.0.0:*:*:*:*:*:*:*` | 11.0 | |
| TRUMPF License Expert 2.3.2 (TRUMPF SE + Co. KG / Software / TRUMPF License Expert) | `cpe:2.3:a:trumpf:trumpflicenseexpert:2.3.2:*:*:*:*:*:*:*` | 2.3.2 | |
| Product | Identifier | Version | Remediation |
| ------- | ---------- | ------- | ----------- |
| TruTops Boost < 21.00.00 (TRUMPF SE + Co. KG / Software / TruTops Boost) | `vers:semver/<21.00.00` | | Vendor Fix |
| TruTops Boost 20.04.23 (TRUMPF SE + Co. KG / Software / TruTops Boost) | `cpe:2.3:a:trumpf:trutopsboost:20.04.23:*:*:*:*:*:*:*` | 20.04.23 | Vendor Fix |
| TecZone Bend < 25.11.1 (TRUMPF SE + Co. KG / Software / TecZone Bend) | `vers:semver/<25.11.1` | | Vendor Fix |
| TecZone Bend 25.10.0 (TRUMPF SE + Co. KG / Software / TecZone Bend) | `cpe:2.3:a:trumpf:teczonebend:25.10.0:*:*:*:*:*:*:*` | 25.10.0 | Vendor Fix |
| Oseon < 8.00.00 (TRUMPF SE + Co. KG / Software / Oseon) | `vers:semver/<8.00.00` | | Vendor Fix |
| Oseon 7.04.23 (TRUMPF SE + Co. KG / Software / Oseon) | `cpe:2.3:a:trumpf:oseon:7.04.23:*:*:*:*:*:*:*` | 7.04.23 | Vendor Fix |
| Programming Tube < 6.9 (TRUMPF SE + Co. KG / Software / Programming Tube) | `vers:semver/<6.9` | | Vendor Fix |
| Programming Tube 6.8 (TRUMPF SE + Co. KG / Software / Programming Tube) | `cpe:2.3:a:trumpf:programmingtube:6.8.0:*:*:*:*:*:*:*` | 6.8 | Vendor Fix |
| TruTops Cell < 2.77.0 (TRUMPF SE + Co. KG / Software / TruTops Cell) | `vers:semver/<2.77.0` | | Vendor Fix |
| TruTops Cell 2.69.29 (TRUMPF SE + Co. KG / Software / TruTops Cell) | `cpe:2.3:a:trumpf:trutopscell:2.69.29:*:*:*:*:*:*:*` | 2.69.29 | Vendor Fix |
| TruTops Weld < 11.0 (TRUMPF SE + Co. KG / Software / TruTops Weld) | `vers:semver/<11.0` | | Vendor Fix |
| TruTops Weld 10.0.133 (TRUMPF SE + Co. KG / Software / TruTops Weld) | `cpe:2.3:a:trumpf:trutopsweld:10.0.133:*:*:*:*:*:*:*` | 10.0.133 | Vendor Fix |
| TRUMPF License Expert < 2.3.2 (TRUMPF SE + Co. KG / Software / TRUMPF License Expert) | `vers:semver/<2.3.2` | | Vendor Fix |
| TRUMPF License Expert 2.2.2 (TRUMPF SE + Co. KG / Software / TRUMPF License Expert) | `cpe:2.3:a:trumpf:trumpflicenseexpert:2.2.2:*:*:*:*:*:*:*` | 2.2.2 | Vendor Fix |
Acknowledgments
CERT@VDE certvde.com

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "High"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The TRUMPF product versions listed below include a Wibu CodeMeter component that is vulnerable to a privilege escalation vulnerability through the CodeMeter installer on Windows.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The CodeMeter installer on Windows has a vulnerability that allows under certain circumstances an Escalation of Privileges for an unprivileged account. After installation on an unprivileged account with UAC using the built-in administrator account, CodeMeter launches the CodeMeter Control Center with system privileges.",
        "title": "Impact"
      },
      {
        "category": "legal_disclaimer",
        "text": "This document is provided on an \\\"AS IS\\\" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document or materials linked from the document is at your own risk. TRUMPF SE + Co. KG reserves the right to change or update this document at any time.",
        "title": "Disclaimer"
      },
      {
        "category": "description",
        "text": "New versions are available for the affected products. These include an updated WiBu CodeMeter (bundled with TRUMPF License Expert). If your installation is affected, the easiest fix is to install the latest TRUMPF License Expert from  https://www.trumpf.com/en_INT/products/software/software-licensing/.\n\n| Fixed Product         | Version  |\n| --------------------- | -------- |\n| TruTops Boost         | 21.00.00 |\n| TecZone Bend          | 25.11.1  |\n| Oseon                 | 8.00.00  |\n| Programming Tube      | 6.9      |\n| TruTops Cell          | 2.77.0   |\n| TruTops Weld          | 11.0     |\n| TRUMPF License Expert | 2.3.2    |\n",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "product.security@trumpf.com",
      "name": "Trumpf SE + Co. KG",
      "namespace": "https://www.trumpf.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "Messages to TRUMPF PSIRT",
        "url": "https://www.trumpf.com/en_GB/meta/security-with-trumpf/message-to-psirt/"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for TRUMPF SE + Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/trumpf/"
      },
      {
        "category": "self",
        "summary": "VDE-2026-007: TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2026-007"
      },
      {
        "category": "self",
        "summary": "VDE-2026-007: TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability - CSAF",
        "url": "https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-007.json"
      },
      {
        "category": "external",
        "summary": "CVE-2025-47809 - NVD",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47809"
      },
      {
        "category": "external",
        "summary": "TRUMPF License Expert",
        "url": "https://www.trumpf.com/en_INT/products/software/software-licensing/"
      }
    ],
    "title": "TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability",
    "tracking": {
      "aliases": [
        "VDE-2026-007"
      ],
      "current_release_date": "2026-02-23T08:00:00.000Z",
      "generator": {
        "date": "2026-02-19T10:48:26.979Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.43"
        }
      },
      "id": "VDE-2026-007",
      "initial_release_date": "2026-02-23T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-02-23T08:00:00.000Z",
          "number": "1.0.0",
          "summary": "Initial version"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:semver/\u003c21.00.00",
                    "product": {
                      "name": "TruTops Boost \u003c 21.00.00",
                      "product_id": "CSAFPID-00001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "21.00.00",
                    "product": {
                      "name": "TruTops Boost 21.00.00",
                      "product_id": "CSAFPID-00002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:trutopsboost:21.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "20.04.23",
                    "product": {
                      "name": "TruTops Boost 20.04.23",
                      "product_id": "CSAFPID-00003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:trutopsboost:20.04.23:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Boost"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:semver/\u003c25.11.1",
                    "product": {
                      "name": "TecZone Bend \u003c 25.11.1",
                      "product_id": "CSAFPID-01001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "25.11.1",
                    "product": {
                      "name": "TecZone Bend 25.11.1",
                      "product_id": "CSAFPID-01002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:teczonebend:25.11.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "25.10.0",
                    "product": {
                      "name": "TecZone Bend 25.10.0",
                      "product_id": "CSAFPID-01003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:teczonebend:25.10.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "TecZone Bend"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:semver/\u003c8.00.00",
                    "product": {
                      "name": "Oseon \u003c 8.00.00",
                      "product_id": "CSAFPID-02001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "8.00.00",
                    "product": {
                      "name": "Oseon 8.00.00",
                      "product_id": "CSAFPID-02002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:oseon:8.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "7.04.23",
                    "product": {
                      "name": "Oseon 7.04.23",
                      "product_id": "CSAFPID-02003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:oseon:7.04.23:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oseon"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:semver/\u003c6.9",
                    "product": {
                      "name": "Programming Tube \u003c 6.9",
                      "product_id": "CSAFPID-03001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "6.9",
                    "product": {
                      "name": "Programming Tube 6.9",
                      "product_id": "CSAFPID-03002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:programmingtube:6.9.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "6.8",
                    "product": {
                      "name": "Programming Tube 6.8",
                      "product_id": "CSAFPID-03003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:programmingtube:6.8.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Programming Tube"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:semver/\u003c2.77.0",
                    "product": {
                      "name": "TruTops Cell \u003c 2.77.0",
                      "product_id": "CSAFPID-04001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.77.0",
                    "product": {
                      "name": "TruTops Cell 2.77.0",
                      "product_id": "CSAFPID-04002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:trutopscell:2.77.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.69.29",
                    "product": {
                      "name": "TruTops Cell 2.69.29",
                      "product_id": "CSAFPID-04003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:trutopscell:2.69.29:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Cell"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:semver/\u003c11.0",
                    "product": {
                      "name": "TruTops Weld \u003c 11.0",
                      "product_id": "CSAFPID-05001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "11.0",
                    "product": {
                      "name": "TruTops Weld 11.0",
                      "product_id": "CSAFPID-05002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:trutopsweld:11.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "10.0.133",
                    "product": {
                      "name": "TruTops Weld 10.0.133",
                      "product_id": "CSAFPID-05003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:trutopsweld:10.0.133:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Weld"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:semver/\u003c2.3.2",
                    "product": {
                      "name": "TRUMPF License Expert \u003c 2.3.2",
                      "product_id": "CSAFPID-06001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.3.2",
                    "product": {
                      "name": "TRUMPF License Expert 2.3.2",
                      "product_id": "CSAFPID-06002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:trumpflicenseexpert:2.3.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.2.2",
                    "product": {
                      "name": "TRUMPF License Expert 2.2.2",
                      "product_id": "CSAFPID-06003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:trumpf:trumpflicenseexpert:2.2.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "TRUMPF License Expert"
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "TRUMPF SE + Co. KG"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-00001",
          "CSAFPID-00003",
          "CSAFPID-01001",
          "CSAFPID-01003",
          "CSAFPID-02001",
          "CSAFPID-02003",
          "CSAFPID-03001",
          "CSAFPID-03003",
          "CSAFPID-04001",
          "CSAFPID-04003",
          "CSAFPID-05001",
          "CSAFPID-05003",
          "CSAFPID-06001",
          "CSAFPID-06003"
        ],
        "summary": "Affected Products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-00002",
          "CSAFPID-01002",
          "CSAFPID-02002",
          "CSAFPID-03002",
          "CSAFPID-04002",
          "CSAFPID-05002",
          "CSAFPID-06002"
        ],
        "summary": "Fixed Products."
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-47809",
      "cwe": {
        "id": "CWE-272",
        "name": "Least Privilege Violation"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import License to a privileged instance of Windows Explorer.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-00002",
          "CSAFPID-01002",
          "CSAFPID-02002",
          "CSAFPID-03002",
          "CSAFPID-04002",
          "CSAFPID-05002",
          "CSAFPID-06002"
        ],
        "known_affected": [
          "CSAFPID-00001",
          "CSAFPID-00003",
          "CSAFPID-01001",
          "CSAFPID-01003",
          "CSAFPID-02001",
          "CSAFPID-02003",
          "CSAFPID-03001",
          "CSAFPID-03003",
          "CSAFPID-04001",
          "CSAFPID-04003",
          "CSAFPID-05001",
          "CSAFPID-05003",
          "CSAFPID-06001",
          "CSAFPID-06003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-20T11:00:00.000Z",
          "details": "New versions are available for the affected products. These include an updated WiBu CodeMeter (bundled with TRUMPF License Expert). If your installation is affected, the easiest fix is to install the latest TRUMPF License Expert from  https://www.trumpf.com/en_INT/products/software/software-licensing/.\n\n| Fixed Product         | Version  |\n| --------------------- | -------- |\n| TruTops Boost         | 21.00.00 |\n| TecZone Bend          | 25.11.1  |\n| Oseon                 | 8.00.00  |\n| Programming Tube      | 6.9      |\n| TruTops Cell          | 2.77.0   |\n| TruTops Weld          | 11.0     |\n| TRUMPF License Expert | 2.3.2    |\n",
          "product_ids": [
            "CSAFPID-00001",
            "CSAFPID-00003",
            "CSAFPID-01001",
            "CSAFPID-01003",
            "CSAFPID-02001",
            "CSAFPID-02003",
            "CSAFPID-03001",
            "CSAFPID-03003",
            "CSAFPID-04001",
            "CSAFPID-04003",
            "CSAFPID-05001",
            "CSAFPID-05003",
            "CSAFPID-06001",
            "CSAFPID-06003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.3,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "temporalScore": 8.2,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-00001",
            "CSAFPID-01001",
            "CSAFPID-02001",
            "CSAFPID-03001",
            "CSAFPID-04001",
            "CSAFPID-05001",
            "CSAFPID-06001",
            "CSAFPID-00003",
            "CSAFPID-01003",
            "CSAFPID-02003",
            "CSAFPID-03003",
            "CSAFPID-04003",
            "CSAFPID-05003",
            "CSAFPID-06003"
          ]
        }
      ],
      "title": "CVE-2025-47809"
    }
  ]
}

