CISA has published an advisory on improper input validation and memory corruption vulnerabilities in Flexera FlexNet Publisher. Versions 2018 R3 and prior are affected. These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product. The memory corruption vulnerability could allow remote code execution. Flexera recommends all users using affected versions of FlexNet Publisher upgrade to Version 2018 R4 or newer as soon as possible. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at WaterISAC.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!