Four vulnerabilities were reported in the Flexera FNP toolkit, three of which could be exploited to cause a denial of service (DoS) and one of which could potentially allow execution of arbitrary code (although an exploit to verify this has not been seen). These vulnerabilities only impact the ArcGIS License Manager, version 2018.1 and older on all platforms. These vulnerabilities do not affect the client applications such as ArcGIS Desktop, ArcGIS Engine, Esri CityEngine, etc.
The issue can be resolved by upgrading to the ArcGIS License Manager 2019.0, which includes FNP 22.214.171.124, the version in which these vulnerabilities have been addressed.
Get help from ArcGIS experts
Download the Esri Support App