Описание
An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2020 (включая)
Одно из
cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2021:-:*:*:-:*:*:*
cpe:2.3:a:ni:labview:2021:sp1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q1:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01442
Низкий
7.8 High
CVSS3
Дефекты
CWE-787
CWE-787
Связанные уязвимости
CVSS3: 7.8
github
почти 2 года назад
An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.
EPSS
Процентиль: 80%
0.01442
Низкий
7.8 High
CVSS3
Дефекты
CWE-787
CWE-787