CVE-2024-6638 β€” Integer Overflow or Wraparound in Labview

CWE-190 β€” Integer Overflow or Wraparound2 documents2 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 79.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
NI Labview
Timeline
PublishedJul 22

Description

An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

β–ΆNVDni/labview2021+3

πŸ”΄Vulnerability Details

1
GHSA
GHSA-r476-rhjx-f9gg: An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop↗2024-07-22
β–Ά
CVE-2024-6638 β€” Integer Overflow or Wraparound | cvebase