Vulnerability Details CVE-2024-6638
An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.0%
CVSS Severity
CVSS v3 Score 5.5
References
- https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html
- https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html
Products affected by CVE-2024-6638
-
cpe:2.3:a:ni:labview:-
-
cpe:2.3:a:ni:labview:16.0.0.49152
-
cpe:2.3:a:ni:labview:2012
-
cpe:2.3:a:ni:labview:2014
-
cpe:2.3:a:ni:labview:2015
-
cpe:2.3:a:ni:labview:2016
-
cpe:2.3:a:ni:labview:2017
-
cpe:2.3:a:ni:labview:2018
-
cpe:2.3:a:ni:labview:2019
-
cpe:2.3:a:ni:labview:2020
-
cpe:2.3:a:ni:labview:2021
-
cpe:2.3:a:ni:labview:2022
-
cpe:2.3:a:ni:labview:2023
-
cpe:2.3:a:ni:labview:2024