ICSA-24-205-03 · Published 2024-07-23 · View on CISA ICS-CERT ↗

National Instruments LabVIEW

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow a local attacker to disclose information and execute arbitrary code.

CVE-2024-4079 CVE-2024-4080 CVE-2024-4081

National Instruments has provided a fix for these issues and recommends users to refer to their public advisories:
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-due-to-missing-bounds-check-in-labview.html
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-issues-due-to-improper-length-checks-in-labview.html

National Instruments

National Instruments · LabVIEW <=24.1f0

Critical Manufacturing, Defense Industrial Base, Information Technology, Transportation Systems

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.