High severity7.8NVD Advisory· Published Jun 15, 2017· Updated May 13, 2026

CVE-2016-10395

Description

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.

Affected products

Flexerasoftware/Flexnet Publisher
cpe:2.3:a:flexerasoftware:flexnet_publisher:*:*:*:*:*:*:*:*
Range: <=11.14.1
Flexera Software LLC/FlexNet Publisherv5
Range: Versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secuniaresearch.flexerasoftware.com/advisories/76368/nvdPermissions RequiredThird Party Advisory
ics-cert.us-cert.gov/advisories/ICSA-18-144-01nvd
www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9134-vulnerabilities-within-schneider-electric-floating-license-managernvd
www.schneider-electric.com/en/download/document/SEVD-2018-046-01/nvd
www.schneider-electric.com/en/download/document/SEVD-2018-137-01/nvd
www.schneider-electric.com/en/download/document/SEVD-2018-144-01/nvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000