Lmgrd and Vendor Daemon Security Vulnerabilities

Description

Four vulnerabilities were reported in the Flexera FNP toolkit, three of which could be exploited to cause a denial of service (DoS) and one of which could potentially allow execution of arbitrary code (although an exploit to verify this has not been seen). These vulnerabilities only impact the ArcGIS License Manager, version 2018.1 and older on all platforms. These vulnerabilities do not affect the client applications such as ArcGIS Desktop, ArcGIS Engine, Esri CityEngine, etc.

Solution or Workaround

The issue can be resolved by upgrading to the ArcGIS License Manager 2019.0, which includes FNP 11.16.2.1, the version in which these vulnerabilities have been addressed.