Filtered by vendor Wibu Subscriptions
Filtered by product Wibukey Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-3991 3 Microsoft, Siemens, Wibu 3 Windows, Simatic Wincc Open Architecture, Wibukey 2024-11-21 N/A
An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability.
CVE-2018-3990 2 Microsoft, Wibu 2 Windows, Wibukey 2024-11-21 N/A
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability.
CVE-2018-3989 2 Microsoft, Wibu 2 Windows, Wibukey 2024-11-21 N/A
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.
CVE-2024-45182 2 Microsoft, Wibu 2 Windows, Wibukey 2024-10-30 5.5 Medium
An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service.
CVE-2024-45181 2 Microsoft, Wibu 2 Windows, Wibukey 2024-09-18 8.8 High
An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption.