FlexNet Publisher (formerly known as FLEXlm) is a software license manager that provides software vendors with control over their products' usage. It provides capabilities to manage and track software usage and deliver concurrent licensing. It enables vendors to enforce product license compliance and report on product usage for the optimal management of software assets.

FlexNet Publisher

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2015-8277	CRITICAL	9.8	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Feb 24, 2016
CVE-2024-2658	HIGH	8.5	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Jan 30, 2025
CVE-2016-10395	HIGH	7.8	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Jun 15, 2017
CVE-2017-5571	MEDIUM	6.1	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Mar 03, 2017
CVE-2019-25313	MEDIUM	5.1	FlexNet Publisher	cpe:2.3:a:flexerasoftware:flexnet_publisher	No	Yes	Feb 11, 2026

CVE-2016-10395:
FlexNet Publisher vulnerability analysis and mitigation

7.8

Related FlexNet Publisher vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2016-10395: FlexNet Publisher vulnerability analysis and mitigation