CVE-2024-6638

An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html

Configurations

No configuration.

History

No history.

Information

Published : 2024-07-22 20:15

Updated : 2024-07-24 12:55

NVD link : CVE-2024-6638

Mitre link : CVE-2024-6638

CVE.ORG link : CVE-2024-6638

JSON object : View

Products Affected

No product.

CWE

CWE-190

Integer Overflow or Wraparound

5.5 /10