OTPulse

Multiple Vulnerabilities in WibuKey for Windows

Priority: Plan Patch
CVSS score: 8.8
Siemens advisory: SSA-368868
Published: Oct 8, 2024
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

WibuKey Dongles are used by Siemens products for software licensing on Windows. The Windows device driver for WibuKey Dongles contains multiple vulnerabilities (CWE-119: buffer overflow or similar memory safety issues) that could allow local privilege escalation or code execution.

What this means
What could happen
An attacker with local access to a Windows engineering workstation running WibuKey could exploit the driver to gain system-level control, potentially allowing modification of licensed software configurations or disruption of engineering tools used to manage plant operations.
Who's at risk
Any organization using Siemens PSS(R)SINCAL or other Siemens products that employ WibuKey Dongles for software licensing on Windows engineering workstations, including power system planning tools and utility control software.
How it could be exploited
An attacker with local user-level access to a Windows workstation that has WibuKey Dongles connected and the vulnerable driver installed can exploit the memory safety vulnerability in the kernel-mode driver to escalate privileges and execute arbitrary code with system rights.
Prerequisites
  • Local access to Windows workstation
  • WibuKey Dongle physically connected or previously connected
  • Vulnerable WibuKey Runtime driver installed
  • Non-administrative user account
Tags: locally exploitable · low complexity · requires user-level access only · affects engineering workstations
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product | Affected Versions | Fix Status
PSS(R)SINCAL | All versions | No fix yet
Remediation & Mitigation
Do now
HARDENING: Restrict physical USB access to workstations with WibuKey Dongles; ensure WibuKey is only connected during required licensing operations
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update WibuKey Runtime for Windows to version 6.70 or later
Long-term hardening
HARDENING: Limit local user access on engineering workstations running WibuKey; enforce strong authentication and workstation hardening
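To turn the remediation items above into something an operator can verify, the following PowerShell script inventories a Windows engineering workstation for the WibuKey Runtime and its driver and flags installs older than the 6.70 fix level named in the HOTFIX item. It is an added example, not code from OTPulse, Siemens or WIBU. It assumes the runtime registers in the standard Uninstall registry keys with a DisplayName containing "WibuKey", and that the driver and dongle appear in Plug and Play inventory with names matching "WibuKey" or a manufacturer matching "WIBU"; those match patterns are assumptions and may need adjusting to your installer.

```powershell
# Added example (not from the OTPulse advisory or Siemens): check a workstation for the
# WibuKey Runtime version and for the presence of the driver / dongle.
# Assumptions: the runtime's DisplayName contains "WibuKey"; the PnP driver and device
# names contain "WibuKey" or list a manufacturer matching "WIBU". Adjust as needed.

$MinimumFixedVersion = [version]'6.70'   # fixed version named in the advisory
$NamePattern         = 'WibuKey'         # assumption: DisplayName / DeviceName pattern
$VendorPattern       = 'WIBU'            # assumption: Manufacturer pattern

# Both 64-bit and 32-bit (WOW6432Node) uninstall hives; no admin rights needed to read them.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-WibuKeyRuntimeStatus {
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match $NamePattern } |
        ForEach-Object {
            # DisplayVersion strings are vendor-controlled; strip anything that is not a digit
            # or dot, and treat an unparsable string as "needs manual review" rather than "fixed".
            $parsed = $null
            $clean  = ($_.DisplayVersion -replace '[^\d.]', '')
            $ok     = [version]::TryParse($clean, [ref]$parsed)
            [pscustomobject]@{
                Name           = $_.DisplayName
                Version        = $_.DisplayVersion
                NeedsUpdate    = (-not $ok) -or ($parsed -lt $MinimumFixedVersion)
                VersionParsed  = $ok
            }
        }
}

function Get-WibuKeyDriverStatus {
    # Win32_PnPSignedDriver lists installed PnP drivers with their file version.
    Get-CimInstance -ClassName Win32_PnPSignedDriver -ErrorAction SilentlyContinue |
        Where-Object { $_.DeviceName -match $NamePattern -or $_.Manufacturer -match $VendorPattern } |
        Select-Object DeviceName, Manufacturer, DriverVersion, DriverDate
}

function Get-WibuKeyDonglePresent {
    # -PresentOnly restricts to devices currently connected, which supports the
    # "only connected during required licensing operations" hardening item.
    Get-PnpDevice -PresentOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.FriendlyName -match $NamePattern -or $_.Manufacturer -match $VendorPattern } |
        Select-Object FriendlyName, Status, InstanceId
}

# Report
$runtime = @(Get-WibuKeyRuntimeStatus)
if ($runtime.Count -eq 0) {
    Write-Output "No WibuKey Runtime found in Uninstall keys (pattern '$NamePattern')."
} else {
    $runtime | ForEach-Object {
        $state = if ($_.NeedsUpdate) { 'UPDATE REQUIRED (< 6.70 or unparsable)' } else { 'OK (>= 6.70)' }
        Write-Output ("Runtime: {0} {1} -> {2}" -f $_.Name, $_.Version, $state)
    }
}

$drivers = @(Get-WibuKeyDriverStatus)
Write-Output ("Installed WibuKey drivers: {0}" -f $drivers.Count)
$drivers | Format-Table -AutoSize | Out-String | Write-Output

$dongles = @(Get-WibuKeyDonglePresent)
Write-Output ("Dongles currently connected: {0}" -f $dongles.Count)
$dongles | Format-Table -AutoSize | Out-String | Write-Output
```

One caveat on the version comparison: `[version]` treats `6.7` and `6.70` as different values (minor 7 versus minor 70), so if an installer reports the runtime as "6.7" rather than "6.70" the script will flag it as needing an update; the `VersionParsed` and `Version` fields are emitted so such cases can be reviewed by hand rather than silently trusted. The driver query can take a few seconds on workstations with many devices, and `Get-PnpDevice` is available on Windows 8 / Server 2012 and later.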