Several vulnerabilities in CodeMeter Runtime have been disclosed on the website of WIBU Systems on September 8, 2020. CodeMeter Runtime is used in the license management of MERLIC and the HALCON Progress Student Edition. No other HALCON editions are affected. Successful exploitation of these vulnerabilities could potentially lead to remote code execution or prevent normal operation of the MVTec software which depends on CodeMeter Runtime.
MVTec and WIBU Systems are working on updates for affected products. Before these updates are available MVTec strongly recommends to update CodeMeter Runtime to version 7.10 (no matter from which source you obtained CodeMeter Runtime) to avoid remote access. This version can be downloaded from WIBU Systems here.