Former vulnerability (CVE-2018-20033 (flexnet_publisher) ) – But enterprise firm must be vigilant! vigilant!

Preface: FlexNet Publisher (formerly known as FLEXlm) is a software license manager from Flexera Software which implements license management and is intended to be used in corporate environments to provide floating licenses to multiple end users of computer software.

Vulnerability background: The design weakness found on 2018. But the official announcement was release on 2019-01-28.

Vulnerability detail: Allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop.

Impact: A successful exploit could allow the attacker to cause the affected software to stop responding, or use the memory corruption to execute arbitrary code.

Official announcement: