Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk
ID: a8efc02b-edc5-5f29-9003-51e9b2c4a5f7
STIX ID: report--a8efc02b-edc5-5f29-9003-51e9b2c4a5f7
Feed Name: Securelist by Kaspersky
The report describes CVE-2024-2658: an Uncontrolled Search Path Element in FlexNet Publisher within Schneider Electric Floating License Manager that uses a hardcoded openssl.cnf path allowing a local non-admin to craft a rogue configuration to load a malicious DLL into lmadmin.exe, potentially enabling privilege escalation to NT AUTHORITY\SYSTEM; it includes exploit details, recommended mitigations (patching, restricting C:\cygwin permissions, hosting FLM on a dedicated server or removing it) and detection guidance using Kaspersky solutions.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
