CVE-2024-12742

Name of the Vulnerable Software and Affected Versions NI G Web Development Software versions 2022 Q3 and prior

Description A deserialization of untrusted data issue exists that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file.

Recommendations For versions 2022 Q3 and prior, update to a version later than 2022 Q3 to resolve the issue. As a temporary workaround, consider avoiding the use of untrusted project files until a patch is available. Restrict access to project files from untrusted sources to minimize the risk of exploitation.