CVE-2024-2658

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Jan 30, 2025
CWE ID 362

Summary

CVE-2024-2658 is a newly disclosed vulnerability affecting FlexNet Publisher versions prior to 2024 R1 (11.19.6.0). It arises from a misconfiguration in lmadmin.exe that lets an unauthorized, locally authenticated user with low privileges load a malicious openssl.conf file. The attacker can potentially create the directory for the file at a location that does not yet exist, which enables execution of a specially crafted DLL with elevated privileges. The vulnerability poses a significant risk because it allows privilege escalation and can lead to serious security consequences. Users are strongly recommended to upgrade to the latest version of FlexNet Publisher to mitigate this risk.
