Flexera allowed the flexibility to activate to a local machine, to a network share file or to a physical dongle by associating the activation to a physical host ID like a hard drive serial number, NIC card MAC address, or a dongle serial number. The Age of Flexera FactoryTalk Activationįlexera was a major technology leap over EVRSI. The original FactoryTalk Activation used Flexera technology and most recently moved to CodeMeter.
Rockwell Automation would convert the EVRSI to FactoryTalk Activation at no cost. That technology no longer supported was replaced with FactoryTalk® Activation. These were 1.44 floppy disks, and the activation was physically moved off the floppy to a local hard drive. For us old-timers, there were EVRSI activations. Previously, the Agency for Cybersecurity and Infrastructure Security (CISA) also published a report on these failures, alerting industrial environments with implementations of Rockwell Automation, Schneider Electric, Siemens and Wago.Over time, Rockwell Automation® deployed different software activation techniques. When processing this license, CodeMeter generates a DoS condition. In the report, researchers detail a possible attack scenario that requires a threat actor to configure a malicious website to send a malicious license to the target user. CodeMeter version 7.10 contains all the necessary patches.Ĭlaroty has reported many other flaws found in CodeMeter, including multiple memory corruption errors, encryption failures, and other weaknesses that allow you to deploy denial of service (DoS) attacks, arbitrary code execution, among other attacks. Researchers reported this finding to CodeMeter in February 2019, although updates were released at different times over the past year. The report, prepared by security firm Claroty, mentions that some of the flaws could be exploited to launch attacks on critical industrial control systems, disrupting processes, installing ransomware or even running additional exploits. CodeMeter also inherited some problems from WibuKey, a DRM solution widely used for Siemens industrial products that also had continuous failures.
Download our new paper here: - Mike_Mimoso September 9, 2020īecause CodeMeter supports a wide range of industrial applications, controllers, and even Internet of Things (IoT) devices, the scope of a potential attack is considerable. New Research: provides details on 6 critical vulns patched by Wibu-Systems in its CodeMeter product, which is used widely in ICS products and OT networks.
0 kommentar(er)
