CVE-2024-6638

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-6638
An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html
Configurations

No configuration.

History

21 Nov 2024, 09:50

Type Values Removed Values Added
References () https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html - () https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html -

24 Jul 2024, 12:55

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de desbordamiento de enteros debido a una validación de entrada incorrecta al leer archivos TDMS en LabVIEW puede resultar en un bucle infinito. La explotación exitosa requiere que un atacante proporcione al usuario un archivo TDMS especialmente manipulado. Esta vulnerabilidad afecta a LabVIEW 2024 Q1 y versiones anteriores.

22 Jul 2024, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-22 20:15

Updated : 2024-11-21 09:50

NVD link : CVE-2024-6638

Mitre link : CVE-2024-6638

CVE.ORG link : CVE-2024-6638

JSON object : View

Products Affected

No product.

CWE
CWE-190

Integer Overflow or Wraparound


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024