The NCCIC has published an advisory on improper input validation and memory corruption vulnerabilities in Vijeo Citect and Citect SCADA Floating License Manager. Floating License Manager version 2.3.0.0 and earlier are affected. These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product. AVEVA recommends impacted users upgrade to Floating License Manager (FLM) Version 2.3.1.0 as soon as possible. The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.