The following inventory agent and inventory beacon hotfix has been made available for download through the Product and License Center. This hotfix is for a potential vulnerability that exists in FlexNet inventory agent and inventory beacon versions 2020 R2.5 and earlier installations on Microsoft Windows. The vulnerability can potentially allow locally authenticated users to modify otherwise restricted files. The gain of further local privileges has not been reported. However, out of an abundance of caution, Flexera will not rule this out.

 

Flexera advises that you should deploy security update IOJ-2210678 to all applicable devices/systems running FlexNet inventory agent and inventory beacon for the Microsoft Windows platform without delay. FlexNet Manager Suite Cloud customers who have auto-upgrade turned off should upgrade their FlexNet inventory agent to version 17.0.2 (if FlexNet Manager Suite was used to deploy/upgrade FlexNet inventory agent for Windows) and inventory beacons to version 17.0.2.41 or later.