This may allow an attacker to execute arbitrary commands by sending a specifically crafted packet. The packet parsing mechanism of CodeMeter does not verify its length field values causing it to access memory outside the bounds of the buffer. FactoryTalk ® View Site Edition (SE) softwareĬVE-2020-14509: Arbitrary Command Execution Due to Buffer Access with Incorrect Length Value of CodeMeter.FactoryTalk ® View Machine Edition (ME) software.FactoryTalk ® Transaction Manager software.FactoryTalk ® Information Server software.FactoryTalk ® Historian Classic software.FactoryTalk ® Historian Site Edition (SE) software.Customers who use the products from the following list in their install base contain FactoryTalk Activation Manager. The following products require FactoryTalk Activation Manager to store and keep track of Rockwell Automation software products and activation files. FactoryTalk Activation (FTA) Manager v4.05.00 and earlier running Wibu-Systems CodeMeter v7.10 or earlier.