Описание
A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
Уязвимые конфигурации
Конфигурация 1Версия до 2021 (включая)
Одно из
cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch4:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch5:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch4:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch5:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch6:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q1_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1_patch2:*:*:*:*:*:*
EPSS
Процентиль: 6%
0.00024
Низкий
7.8 High
CVSS3
Дефекты
CWE-1285
Связанные уязвимости
CVSS3: 7.8
github
6 месяцев назад
A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
EPSS
Процентиль: 6%
0.00024
Низкий
7.8 High
CVSS3
Дефекты
CWE-1285