7.8

CVE-2024-23608

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution.  Successful exploitation requires an attacker to provide a user with a specially crafted VI.  This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NiLabview Version <= 2020
NiLabview Version2021 Update- SwEdition-
NiLabview Version2021 Updatesp1
NiLabview Version2022 Updateq1
NiLabview Version2022 Updateq3
NiLabview Version2023 Updateq1
NiLabview Version2023 Updateq3
NiLabview Version2023 Updateq3_patch1
NiLabview Version2023 Updateq3_patch2
NiLabview Version2024 Updateq1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.44% 0.799
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security@ni.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.