WIBU Systems CodeMeter Runtime vulnerability in MVTec products

Several vulnerabilities in CodeMeter Runtime have been disclosed in the Security Advisories of WIBU Systems on June 15, 2021. CodeMeter Runtime is used in the license management of MVTec MERLIC and the HALCON Progress Student Edition. No other HALCON editions are affected. Successful exploitation of these vulnerabilities could potentially lead to a denial of service (DoS). However, a potential attacker must already have local access to the local system.

MVTec is working on updates for the affected products. Before these updates are available MVTec strongly recommends to update CodeMeter Runtime to version 7.21a (no matter from which source you obtained CodeMeter Runtime) to avoid exploitation. This version can be downloaded from WIBU Systems here.