You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2023-38545
About this tag
CVE-2023-38545 is a high-risk heap buffer overflow vulnerability in the SOCKS5 handshake implementation of curl 8.4.0, which is embedded in third-party CodeMeter Runtime by WIBU Systems. On WindowsForum.com, discussions cover Siemens ProductCERT advisories urging immediate updates to CodeMeter Runtime in Desigo CC building management platforms and SENTRON Powermanager. Additionally, Microsoft has released security updates addressing CVE-2023-38545 in supported versions of Microsoft Office, as the flaw could allow attackers to perform unauthorized actions. The tag aggregates threads about patching strategies, affected software versions, and mitigation steps for enterprise environments using Siemens or Microsoft products.
Siemens’ ProductCERT has republished a high‑risk advisory: a heap‑based buffer overflow in the third‑party WIBU Systems CodeMeter Runtime (root cause: a vulnerable libcurl SOCKS5 handshake, CVE‑2023‑38545) is present inside several Desigo CC product family builds and the Desigo CC‑based SENTRON...
Microsoft has recently announced security updates to address CVE-2023-38545, a significant vulnerability affecting several supported versions of Microsoft Office applications. This security flaw, identified as a heap buffer overflow in the SOCKS5 implementation within curl 8.4.0, raises...