From the issue description, we understand that you get an error while connecting the dongle.
Let me go ahead and help you with the issue. Please answer these questions, which will help us in assisting you better. Does the issue occur when you connect the dongle to another computer? Did you make any changes in the computer prior to the issue? Click the Start button.
And companies that use vulnerable systems are not always physically able to install a patch, or this installation may involve significant costs (interrupted operation of the systems to be updated, the cost of work related to installing updates, etc.).
We assess risks based on our experience as a security system developer and supplier. We are convinced that it is absolutely essential to inform users of vulnerable software about the new threat and the need to update their software as soon as possible. This certainly does not guarantee that all users of vulnerable systems will promptly update them and the threat will go away. However, in our experience, if this is not done, very few users update their systems in a timely manner, even if patches are available.
We confront hundreds of thousands of new threats every day and we can see that threat actors are constantly on the lookout for new attack opportunities. And we realize that by keeping silent about problems, we give those threat actors a chance. This is why we decided to share information on one of our discoveries: according to our research, connecting a software license management token to a computer may open a hidden remote access channel for an attacker.
While performing various penetration tests, Kaspersky Lab ICS CERT experts repeatedly encountered the same service on the computers of customers who used software and hardware solutions by different industrial vendors. The service was hasplms. The solution provides license control for software used by customers and is widely used in ICS and IT systems. The hardware part is a USB token. The token needs to be connected to a PC or server on which a software license is required.
Some of the USB token models are listed in the table below. The token must be plugged in every time the software is started and remain connected while it is in use. The software part of the Gemalto solution is installed once and remains functional regardless of the life cycle of the software requiring a token.
This Gemalto solution is used in products by other software vendors, including such companies as ABB, General Electric, HP, Cadac Group, Zemax and many other organizations, the number of which, according to some estimates, reaches 40 thousand. The number of end users who use Gemalto solutions is not known. However, if each company has clients, the number of users is in the millions. Unfortunately, few people realize that connecting a token to a computer to control licenses may not be a safe thing to do.
The protocol type was defined by the network packet header — either HTTP or a proprietary binary protocol was used. Analyzing the service was made more difficult by the fact that the binary file used a VMProtect-type protector and generated its bytecode from the original Gemalto code. First of all, we looked at the localization function — the user could download language packs consisting of two files, one of which was localize. The second file, in HTML format, had parameters, one of which turned out to be vulnerable to buffer overflow.
As a result, a simple buffer overflow could allow an attacker to execute arbitrary code on the remote system. Note that such software development flaws are very rare in modern solutions. As a rule, secure coding practices are implemented when developing serious commercial products (such as SDL — security development lifecycle), which means that security is designed into applications at the development stage, rather than being implemented as an additional option.
This attack vector can be used without LPE (local privilege escalation) — the vulnerable process runs with SYSTEM privileges, enabling malicious code to run with the highest privileges.