PROBLEM
A security vulnerability, CVE-2016-10395, has been reported in FlexNet Publisher versions 11.14.1.0 and earlier that malicious users can exploit to potentially gain escalated privileges to the local system.
This Flexera security vulnerability impacts all ArcGIS systems released on Windows from ArcGIS 10.1 and above, including ArcGIS 10.5.1.
CVE-2016-10395. For further information, refer to the Related Information section below.
This security issue is fixed in version 11.14.1.2 (FlexNet Publisher 2016 R2 SP2) and is deployed as the ArcGIS Security Update for Flexera CVE-2016-10395.
Please upgrade the FlexNet licensing service using the ArcGIS Security Update for Flexera CVE-2016-10395. This update applies to all affected ArcGIS products and is backward-compatible to ArcGIS version 10.1.
The update is available for download as QFE-1051-FLEX-361600: ArcGIS Security Update for Flexera CVE-2016-10395, available via the Technical Support web page.
Steps to Install:
The setup automatically detects and upgrades the FlexNet Publisher licensing service. Please save all work and exit all ArcGIS programs before performing this upgrade. After the upgrade is complete, restart the applications.
Get help from ArcGIS experts
Download the Esri Support App