Cybersecurity
Vulnerabilities in common software
Analysts from Kaspersky Lab ICS CERT (Industrial Control Systems Cyber Emergency Response Team) have found a number of serious vulnerabilities in the "Hardware Against Software Piracy (HASP)" license management system. The system is frequently used in corporate and ICS environments to activate licensed software. Hundreds of thousands or more systems worldwide are therefore likely to be affected by this vulnerability, according to Kaspersky.
A total of 14 vulnerabilities were identified in the components of the software solution, including several DoS vulnerabilities (denial of service) and various RCEs (remote execution of arbitrary code), which can be exploited automatically with the highest system rights instead of normal user rights, for example. Attackers can thus execute any code they want. All identified vulnerabilities are potentially highly dangerous and could cause serious damage to companies.
The USB tokens in question for activating software licenses usually work as follows: a system administrator who needs to activate software on a computer would insert the token. The token then checks whether the software in question is actually legitimate (i.e. not a pirated copy) and activates it so that the user of the PC or server can use it. When the token is connected to the PC or server for the first time, the Windows operating system downloads the appropriate software driver from the manufacturer's server so that the token can work properly with the computer. It is also possible that the driver is installed together with third-party software that uses the said system for license protection.
According to the Kaspersky experts, once installed, the software places port 1947 on the Windows firewall exception list without properly notifying the user, thus enabling remote attacks. sw
Embedded World, Hall 4, Stand 369
You might also be interested in
Conrad continues to grow
Conrad Electronic now generates 80% of its sales with business customers and has successfully developed from a traditional technology retailer into a B2B procurement platform. The company aims to become Europe's leading procurement platform for...
read more...AI finds its way into automotive customer service
In addition to computer solutions for vehicle diagnostics, Getac now also offers AI-based digital tools that support customer contact in service operations.
read more...SMC: "Preferred Supplier" from Bosch
The technology and service company Bosch has recognized SMC for the performance of its automation technology in factory and process automation and awarded it the status of "Preferred Supplier" in the material group "Standardized Pneumatic Devices".
read more...Combined ERP forces
The medium-sized ERP providers Step Ahead Software, Godesys and Informing merge to form the Step Ahead Group.
read more...Cybersecurity for asset-intensive companies
Forge Cybersecurity Platform, the new software platform from Honeywell, has been developed for the cybersecurity of asset-intensive companies and critical infrastructures. The platform is available in three versions.
read more...Automated machine tool as a success factor
Industry 4.0 is the hot topic of the moment. For small and medium-sized companies and contract manufacturers, it holds great potential for increasing production efficiency step by step. The focus here is on efficient and user-specific automation...
read more...Nemo hand vacuum lifts all materials
A new addition to the Eurotech portfolio is the battery-operated Nemo vacuum cleaner, which is suitable for handling almost all surfaces.
read more...Future-oriented cobot projects
Three pillars of successful cobot initiatives
What is important if cobot projects are to be future-oriented? Automation and robotics expert Omron has identified three aspects for human-machine collaboration.
read more...Short-stroke linear actuator instead of pneumatic cylinders
The new short-stroke linear actuator from Ketterer Antriebe and halstrup-walcher is characterized by high dynamics and a large stroke in a compact size. Thanks to the integrated electronics, the drive is easy to control compared to pneumatic...
read more...