FlexNet Publisher (formerly known as FLEXlm) is a software license manager that provides software vendors with control over their products' usage. It provides capabilities to manage and track software usage and deliver concurrent licensing. It enables vendors to enforce product license compliance and report on product usage for the optimal management of software assets.

FlexNet Publisher

Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary code via a crafted packet with opcode (a) 0x107 or (b) 0x10a.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2015-8277	CRITICAL	9.8	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Feb 24, 2016
CVE-2024-2658	HIGH	8.5	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Jan 30, 2025
CVE-2016-10395	HIGH	7.8	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Jun 15, 2017
CVE-2017-5571	MEDIUM	6.1	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Mar 03, 2017
CVE-2019-25313	MEDIUM	5.1	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Feb 11, 2026

CVE-2015-8277:
FlexNet Publisher vulnerability analysis and mitigation

9.8

Related FlexNet Publisher vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2015-8277: FlexNet Publisher vulnerability analysis and mitigation