As a related example, I was recently (last summer) confronted by a patchset from [a prominent network router manufacturer] for OpenLDAP, which they wanted to contribute back to the Project. Upon reviewing the patchset, I found they were using an OpenLDAP release from 2001, and this is the code they've been embedding in the firmware of many of their router products from then till now. Many of the patches they sent me were in fact patches I had written for the Project, which they had backported somewhere in the mists of time.
So, thanks to OpenLDAP's permissive license, there's a lot of network hardware out there running ancient, patchwork code that's massively obsolete, along with a crazyquilt of patches of widely varying quality. None of the users of this hardware have any idea of what's inside there, no one can say what security vulnerabilities may or may not exist in any particular model # or serial #, because the code itself is just a frankenstein jumble.
Personally I would have preferred the GPL, because it would have prevented this sort of situation, but it would be quite difficult for the OpenLDAP Foundation to contact all of the copyright holders and ask them to approve a license change, and I suspect a number of them would refuse to change.
Just keep in mind - the freedom that permissive licenses grants to proprietary software companies almost always works to the customers' disadvantage. They will allow their code bases to diverge, they will allow bitrot to set in, they will allow CVEs to go unaddressed, and no one outside will know exactly how bad things are. Until perhaps 10-15 years later, if someone inside the company wakes up and realizes how untenable their situation really is. But the problem is these companies always jump down this path at first; they haven't looked far enough down it to see where it goes.