Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-23608

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Published

2024-03-11T16:15:07.897

Last Modified

2025-02-27T17:51:32.090

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-787
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ni	labview	≤ 2020	Yes
Application	ni	labview	2021	Yes
Application	ni	labview	2021	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2024	Yes

References

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-write-due-to-missing-bounds-check-in-labview.html Patch, Vendor Advisory ([email protected])
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-write-due-to-missing-bounds-check-in-labview.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)