CVE-2024-4080

Name of the Vulnerable Software and Affected Versions: LabVIEW versions prior to 2024 Q1

Description: A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI.

Recommendations: For versions prior to 2024 Q1, update to a version that includes the fix for the memory corruption issue in tdcore.dll to prevent potential information disclosure or arbitrary code execution. As a temporary workaround, consider restricting the use of specially crafted VI files to minimize the risk of exploitation.