Vulnerability Details CVE-2024-23608
An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.7%
CVSS Severity
CVSS v3 Score 7.8
References
- https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-write-due-to-missing-bounds-check-in-labview.html
- https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-write-due-to-missing-bounds-check-in-labview.html
Products affected by CVE-2024-23608
-
cpe:2.3:a:ni:labview:-
-
cpe:2.3:a:ni:labview:16.0.0.49152
-
cpe:2.3:a:ni:labview:2012
-
cpe:2.3:a:ni:labview:2014
-
cpe:2.3:a:ni:labview:2015
-
cpe:2.3:a:ni:labview:2016
-
cpe:2.3:a:ni:labview:2017
-
cpe:2.3:a:ni:labview:2018
-
cpe:2.3:a:ni:labview:2019
-
cpe:2.3:a:ni:labview:2020
-
cpe:2.3:a:ni:labview:2021
-
cpe:2.3:a:ni:labview:2022
-
cpe:2.3:a:ni:labview:2023
-
cpe:2.3:a:ni:labview:2024