CVE-2020-14515
N/A
N/A
Summary
CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor. Only CmActLicense update files with CmActLicense Firm Code are affected.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | CodeMeter | All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code. | affected |
Weaknesses
- CWE-347: IMPROPER VERIFICATION OF CRYPTOGRAPHIC SIGNATURE CWE-347
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.