Vulnerability Spotlight: Multiple WIBU SYSTEMS WubiKey vulnerabilities
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities.
Cisco Talos discovered two vulnerabilities that could allow remote code execution and memory disclosure at the kernel level in WIBU-SYSTEMS WibuKey. WibuKey is a USB key designed to protect software and intellectual properties. It allows the users to manage software license via USB key. A third vulnerability is located in userland and can be triggered remotely, as it’s located in the network manager.
In accordance with our coordinated disclosure policy, Talos worked with WIBU SYSTEMS to ensure that these issues are resolved and that an update is available for affected customers.