Autodesk: Possible vulnerability revenera “CVE-2024-2658: FlexNet Publisher potential local privilege escalation issue”

August 9, 2024 Jeff Arbogast

Issue:
Autodesk: revenera CVE-2024-2658: FlexNet Publisher potential local privilege escalation issue.
potential vulnerability has been identified in FlexNet Publisher.

https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/CVE-2024-2658-FlexNet-Publisher-potential-local-privilege/ta-p/313003/jump-to/first-unread-message

Causes:
Possible vulnerability.

Solution:

Autodesk Statement
• According to Revenera's article, the vulnerability is restricted to lmadmin.exe (affected module) which Autodesk doesn’t ship or use as part of the Network License Manager (NLM) installer to customers. Hence the shipped LMTOOLS is not affected by the vulnerability and doesn't require an immediate upgrade to the version 11.19.6

• Producers utilizing the vendor daemon with secure communications (TLS communications) enabled prior to FlexNet Publisher version 2024 R1: This vulnerability could affect producers who are using a secured communication protocol. However, it does not impact the Autodesk vendor daemon (adskflex.exe) as Autodesk does not currently support or use secured communications.

About the Author

Manufacturing Solution Center Team Lead<br><br>Jeff is responsible for manufacturing Technical Support for both internal staff and customers. In addition to the daily activities of the support center, he helps write for the National Support Center blog, and has written online classes for the IMAGINiT training on demand site.
Follow on Linkedin More Content by Jeff Arbogast

How to Install IMAGINiT Utilities for Civil 3D 2025 Standalone

You need to install the Standalone IMAGINiT Utilities for Civil 3D 2025-2020 and want to know how. Here's t...

Finish appearance override not displaying in Inventor drawing view

Finish appearances are not displaying in Inventor drawing view even if saved in a Model State. The finish...

Get Tips Delivered.

Subscribe to Email Updates.

Email Address

First Name

Last Name

Country

Thank you!

Error - something went wrong!

Return to Resources

Welcome to our Hub

Autodesk: Possible vulnerability revenera “CVE-2024-2658: FlexNet Publisher potential local privilege escalation issue”

About the Author

Previous Article

Next Article

Solutions Beyond Software™

Autodesk: Possible vulnerability revenera “CVE-2024-2658: FlexNet Publisher potential local privilege escalation issue”

About the Author

Previous Article

Next Article

Most Recent Articles

How to use model checker to build data visualization dashboard with Revit and PowerBI

When You need to install an Autodesk product on a machine that has restricted or no Internet connection, here's what you need to know and do.

Having an apostrophe in the parent folder name can prevent AutoCAD Electrical BOM Export in Vault.

While installing an Autodesk product on a Windows machine, a message appears saying: "There has been an error. Error while touching C:\ProgramData\Autodesk\ODIS\AdODISInstaller.run.lock"

When generating and isometric from a pipe run fails and “Isometric Creation Complete” balloon shows “errors were encountered”.

Need to edit/rename an attribute tag within Plant 3D title block file to have the same attribute tag value in multiple locations in AutoCAD Plant 3D.

When trying to change the layer association from the layer dropdown list in the ribbon to assign to the North arrow or bar scale, the layer list will close.

When routing a duct with Design Line, the bends automatically default to a square bend for all duct sizes

This is caused by the display style being set to anything except 2D Wireframe.

This probably isn’t something that comes up very often, but in case it ever does, here is a way that you can cut a component family.

After installing Inventor Nastran, the "Autodesk Inventor Nastran" button does not appear in Autodesk Inventor under the Environment tab.

Interface built into Inventor that allows users to access commonly used company data without leaving the Inventor program.

When installing Revit you receive the error message "Autodesk Revit is already installed" despite already uninstalling Revit from your machine.

Publishing a Factory Asset in Inventor fails while trying to publish the 2D drawing. Here's what you need to know and do.

When you open a drawing in AutoCAD extensions for the first time, it will prompt you to enter basic information about the drawing, like the building and floor codes.

The drawings do not publish or appear incorrectly in the web central space console in Eptura Archibus Web Central

Use the RENAME command. Find what needs to be corrected and click on it.

Issue: layers with $ in their names. Here's what you need to know and do to fix the issue.

You will have to download the Bluebeam deployment package (MSI). This post contains all the steps you need to accomplish this.

Dashed lines are displaying as solid lines in the Revit plan view. Here's what you need to know and to to address this issue.

Solutions Beyond Software™