Sept. 08, 2020 – Updated Feb. 17, 2021

The following list represents the vendors affected by the critical vulnerabilities uncovered by Claroty in Wibu-Systems’s CodeMeter license-management component. The list contains vendors that the Industrial Control Systems Computer Emergency Response Team (ICS-CERT) has listed as having been contacted and affected, and those that have published their own advisories. Please find the ICS-CERT advisory here. Wibu-Systems has also published an advisory here.

Claroty has also published a related GitHub page.

For additional resources:

This list will be updated periodically. Vendors wishing to contact Claroty researchers should reach out to secure@claroty.com. Find Claroty’s public PGP key here.

Affected Vendors

This list was last updated Feb. 17, 2021.