Security News > 2020 > September > ICS Vendors Release Advisories for CodeMeter Vulnerabilities
Several major industrial control system vendors have released security advisories in response to the recently disclosed vulnerabilities affecting the CodeMeter licensing and DRM solution made by Germany-based Wibu-Systems.
The company's researchers showed how an attacker can launch attacks by setting up a malicious website and luring targeted users to it, or by creating their own CodeMeter API and client and sending commands to devices running CodeMeter.
The company has released an Activation Wizard update that installs CodeMeter 7.10 and patches the vulnerabilities.
The company has advised customers to update CodeMeter and use a local firewall to prevent unauthorized access to devices running CodeMeter.
The company expects to release an e!COCKPIT update containing the latest CodeMeter version in the fourth quarter and in the meantime it has advised customers to manually update CodeMeter.