Autodesk: Possible vulnerability revenera “CVE-2024-2658: FlexNet Publisher potential local privilege escalation issue”

August 9, 2024 Jeff Arbogast

Issue:
Autodesk: revenera CVE-2024-2658: FlexNet Publisher potential local privilege escalation issue.
potential vulnerability has been identified in FlexNet Publisher.

https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/CVE-2024-2658-FlexNet-Publisher-potential-local-privilege/ta-p/313003/jump-to/first-unread-message

Causes:
Possible vulnerability.

Solution:

Autodesk Statement
• According to Revenera's article, the vulnerability is restricted to lmadmin.exe (affected module) which Autodesk doesn’t ship or use as part of the Network License Manager (NLM) installer to customers. Hence the shipped LMTOOLS is not affected by the vulnerability and doesn't require an immediate upgrade to the version 11.19.6

• Producers utilizing the vendor daemon with secure communications (TLS communications) enabled prior to FlexNet Publisher version 2024 R1: This vulnerability could affect producers who are using a secured communication protocol. However, it does not impact the Autodesk vendor daemon (adskflex.exe) as Autodesk does not currently support or use secured communications.

About the Author

Manufacturing Solution Center Team Lead<br><br>Jeff is responsible for manufacturing Technical Support for both internal staff and customers. In addition to the daily activities of the support center, he helps write for the National Support Center blog, and has written online classes for the IMAGINiT training on demand site.
Follow on Linkedin More Content by Jeff Arbogast

How to Install IMAGINiT Utilities for Civil 3D 2025 Standalone

You need to install the Standalone IMAGINiT Utilities for Civil 3D 2025-2020 and want to know how. Here's t...

Finish appearance override not displaying in Inventor drawing view

Finish appearances are not displaying in Inventor drawing view even if saved in a Model State. The finish...

Get Tips Delivered.

Subscribe to Email Updates.

Email Address

First Name

Last Name

Country

Thank you!

Error - something went wrong!

Return to Resources

Welcome to our Hub

Autodesk: Possible vulnerability revenera “CVE-2024-2658: FlexNet Publisher potential local privilege escalation issue”

About the Author

Previous Article

Next Article

Solutions Beyond Software™

Autodesk: Possible vulnerability revenera “CVE-2024-2658: FlexNet Publisher potential local privilege escalation issue”

About the Author

Previous Article

Next Article

Most Recent Articles

After installing Inventor Nastran, the "Autodesk Inventor Nastran" button does not appear in Autodesk Inventor under the Environment tab.

Interface built into Inventor that allows users to access commonly used company data without leaving the Inventor program.

When installing Revit you receive the error message "Autodesk Revit is already installed" despite already uninstalling Revit from your machine.

When you open a drawing in AutoCAD extensions for the first time, it will prompt you to enter basic information about the drawing, like the building and floor codes.

Use the RENAME command. Find what needs to be corrected and click on it.

Issue: layers with $ in their names. Here's what you need to know and do to fix the issue.

You will have to download the Bluebeam deployment package (MSI). This post contains all the steps you need to accomplish this.

Dashed lines are displaying as solid lines in the Revit plan view. Here's what you need to know and to to address this issue.

The drawings do not publish or appear incorrectly in the web central space console in Archibus. Here's the first part of what you need to know and do.

FormIt Pro hangs during opening the application

Several users have reported encountering a Schema Conflict issue in Revit 2024.

Undocked panel disappears and often locks the screen

Solutions Beyond Software™