Vulnerability in WibuKey Runtime included in WinCC OA

Discussion about security topics in WinCC OA!
Search
Advanced search
Post Reply
1 post • Page 1 of 1
User avatar
agruber
Posts: 147
Joined: Tue Sep 07, 2010 2:52 pm

Vulnerability in WibuKey Runtime included in WinCC OA

Post by agruber »

Dear customer,

The included version of WibuKey Runtime in WinCC OA, which will be installed when "hardware dongle support" is enabled, has two vulnerabilities that could allow remote code execution and memory disclosure at the kernel level. More information about this can be found at: https://blog.talosintelligence.com/2019 ... ities.html

Wibu Systems already updated the WibuKey Runtime to version 6.50a which patches these vulnerabilities. It can be downloaded from https://www.wibu.com/ .

We tested the new runtime successfully, it can simply be applied upon the existing runtime.

Beginning from mid of February, new patches for WinCC OA will be shipped with the updated version of the WibuKey Runtime.

Best regards,
Andreas Gruber
WinCC OA Support
Top
Post Reply
1 post • Page 1 of 1

Return to “Security”