PT-2024-37767 · National Instruments · Labview
James Mcnally
·
Published
2024-07-22
·
Updated
2024-07-24
·
CVE-2024-6638
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
LabVIEW versions prior to 2024 Q1
Description
The issue is caused by an integer overflow due to improper input validation when reading TDMS files, potentially leading to an infinite loop. To exploit this, an attacker would need to provide a user with a specially crafted TDMS file.
Recommendations
For versions prior to 2024 Q1, update to a version that includes the fix for this issue to prevent potential exploitation.
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Labview