Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-23612

An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Published

2024-03-11T16:15:08.743

Last Modified

2025-02-27T18:11:29.183

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-1285
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ni	labview	≤ 2020	Yes
Application	ni	labview	2021	Yes
Application	ni	labview	2021	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2024	Yes

References

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-error-handling-issues-in-labview.html Vendor Advisory ([email protected])
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-error-handling-issues-in-labview.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)