Summary
A potential vulnerability has been identified in FlexNet Publisher affecting versions prior to 2024 R1 (11.19.6.0). This issue may allow local privilege escalation due to an uncontrolled search path element. We advise customers to upgrade their FlexNet Publisher lmadmin.exe and FlexNet Publisher to version 2024 R1 (11.19.6.0) where this issue has been resolved.
Producers potentially affected by this issue include:
- Producers using lmadmin.exe prior to version 2024 R1 are affected by this vulnerability.
- Producers utilizing the vendor daemon with secure communications (TLS communications) enabled prior to FlexNet Publisher version 2024 R1 are affected by this vulnerability.
Description
A misconfiguration in FlexNet Publisher lmadmin.exe allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated privileges.
Fix Version and Resolution
This issue is addressed in FlexNet Publisher 2024 R1 (11.19.6.0) release. As a precaution, we strongly advise producers to upgrade to FlexNet Publisher 2024 R1 (11.19.6.0) or later if they are affected. End users can reach out to their providers to ascertain whether they are impacted.
The latest version of the lmadmin can be downloaded from the FlexNet Publisher lmadmin download links page.
Producers can download the latest version of the FlexNet Publisher from the Product and License Center.
Additional Information
CVSS Score / Severity:
- NVD: Score not available
- According to Flexera's Secunia Research criticality rating, the vulnerability has been rated as "Less Critical" (on a scale of "Not", "Less", "Moderately", "Highly", "Extremely"). The CVSS v3.1 base score has been set to 7.8.
- It is important to note that the CVSS score may not completely represent all aspects of a vulnerability and its exploitation. Even minor vulnerabilities may end up receiving a relatively high score.
- For reference, please see the knowledge base article that clarifies the differences between Flexera's Secunia Research criticality rating and the CVSS rating: https://community.flexera.com/s/article/comparison-of-vulnerability-ratings-produced-using-the-cvss-scores-and-the-criticality-ratings-assigned-by-secunia-research
Link to CVE:
- https://www.cve.org/CVERecord?id=CVE-2024-2658
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2658
Credit:
For identifying this issue and disclosing it to Revenera PSIRT under the responsible disclosure process, we'd like to credit Xavier DANEST working with Trend Micro Zero Day Initiative.
Related Articles
CVE-2024-7562: Privilege Escalation Vulnerability in Created MSI Packages 127Number of Views CVE-2026-4869: Potential Privilege Escalation in InstallShield 2025 R2 running Setup Prerequisites from an insecure directory 7Number of Views CVE-2023-29080: Security patch for the possible privileged escalation scenarios identified in InstallShield 11Number of Views CVE-2024-3310: Privilege Escalation Vulnerability During MSI Repair 6Number of Views CVE-2024-14012: Potential Privilege Escalation in InstallShield 2023 R1 3Number of Views
Hi, I am Reva - Ask me anything.
No new updates
Thanks for the feedback!
Your feedback has been saved.Rate this response:
Add Additional feedback ( Optional )
Are you sure you want to cancel
the case creation?
Are you sure you want to cancel the case creation?
Are you sure you want to close this case
| Products | Region | Phone Numbers |
|---|---|---|
| FlexNet Operations FlexNet Embedded FlexNet Publisher FlexNet Connect FlexNet Code Insight InstallAnywhere InstallShield |
North America * |
+1 630-332-2513 (toll) +1 877-279-2853 (toll-free in North America) |
| Europe * |
+44 1925 944367 (toll) +44 800 047 8642 (toll-free in Europe) |
|
| Japan * | +81 3-4540-5335 (select option 2) | |
| Australia * |
+61 3 9895 2177 +61 1800 560 603 (toll-free in Australia) |
|
|
Usage Intelligence (formerly
Revulytics) Compliance Intelligence |
Please use the Case Portal to submit your support ticket or reach out to your Revenera contact. | |
Revenera Assistant
Case id: 00001065
Activity: Status change: 2 hours ago