CVE-2024-23612

Summary

An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Affected Software

VendorProductVersion RangeStatus
NILabVIEW0 <= 2024 Q1affected

Weaknesses

  • CWE-1285: CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References