zenon services - unquoted service path vulnerability can result in privilige escalation

• Related Articles

• CD_SVA_2023_3: Wibu Systems - CodeMeter Runtime - security vulnerability addressed

  A report has been received for the following security vulnerability in the zenon software platform: CVE-2023-3935 Further details regarding the vulnerability, mitigation options and product fixes that may be available, can be found in the document ...

• FAQ: Are products in the zenon product family affected by the vulnerability, labelled BlastRADIUS?

  The vulnerability labelled BlastRADIUS is a vulnerability in the RADIUS protocol, also known under the reference CVE-2024-3596. The zenon IIoT Services Identity Service supports an Identity Provider for authentication against RADIUS server, that can ...

• FAQ: CD_SVA_2022_1: Vulnerability in zenon Software platform

  Summary  COPA-DATA received a report from Security Researcher Ruben Santamarta detailing a security vulnerability for the zenon Logging Service which is part of the zenon platform standard deployment. Based on this vulnerability additional ...

• CD_SVA_2024_1: Vulnerability in the zenon Software Platform Engineering Studio and Service Engine

  Summary COPA-DATA has received a report by an external party detailing a security vulnerability in the zenon Software Platform and its OEM versions on Windows systems. This vulnerability has been fixed. Description A security vulnerability in the ...

• Is the zenon product family affected by the vulnerability CVE-2022-0778 in OpenSSL?

  A vulnerability in OpenSSL has been published with the ID CVE-2022-0778, detailing a potential issue of an endless loop resulting in a denial of service, when specific invalid certificates are parsed.  Version 11 includes OpenSSL 1.1.1N that resolves ...