Citrix recently identified a vulnerability in License Server versions prior to 11.13.1.2 (released 2/17/16) that could allow a remote, unauthenticated attacker to crash the License Server and potentially execute arbitrary code, though the attacker would likely need to be on the local network since License Server is typically not directly exposed to the Internet. That said, this issue potentially affects all previous versions of Citrix License Server, and it is strongly recommended that the update be applied.
Additional information is available here.