logo

Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk

ID: a8efc02b-edc5-5f29-9003-51e9b2c4a5f7

STIX ID: report--a8efc02b-edc5-5f29-9003-51e9b2c4a5f7

Feed Name: Securelist by Kaspersky

Threat Score
70/100

Date Published: 2026-06-26

Date Updated: 2026-07-02

Author: Valery Akulenko

...
...

The report describes CVE-2024-2658: an Uncontrolled Search Path Element in FlexNet Publisher within Schneider Electric Floating License Manager that uses a hardcoded openssl.cnf path allowing a local non-admin to craft a rogue configuration to load a malicious DLL into lmadmin.exe, potentially enabling privilege escalation to NT AUTHORITY\SYSTEM; it includes exploit details, recommended mitigations (patching, restricting C:\cygwin permissions, hosting FLM on a dedicated server or removing it) and detection guidance using Kaspersky solutions.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.