cvedb.io
CVE-2018-20033
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2019-02-25T20:29:00.233 · Last modified 2026-06-17T01:52:12.767

Summary

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated.

Affected products

flexera — flexnet_publisher

Does this affect you?

Add your gear to cvedb and we'll alert you only when flexera ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.