{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T11:49:21.924","vulnerabilities":[{"cve":{"id":"CVE-2024-10494","sourceIdentifier":"security@ni.com","published":"2024-12-10T16:15:21.930","lastModified":"2025-03-04T18:40:13.210","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution.  Successful exploitation requires an attacker to provide a user with a specially crafted VI.  This vulnerability affects LabVIEW 2024 Q3 and prior versions."},{"lang":"es","value":"Una lectura fuera de los límites debido a una validación de entrada incorrecta en HeapObjMapImpl.cpp en NI LabVIEW puede revelar información o provocar la ejecución de código arbitrario. Para explotarla con éxito, es necesario que un atacante proporcione a un usuario un VI especialmente manipulado. Esta vulnerabilidad afecta a LabVIEW 2024 Q3 y versiones anteriores."}],"metrics":{"cvssMetricV40":[{"source":"security@ni.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"security@ni.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@ni.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*","versionEndIncluding":"2021","matchCriteriaId":"807AE6D5-8096-47A2-A47D-1A5EFC85652D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2022:q1:*:*:*:*:*:*","matchCriteriaId":"4D12D6CF-802F-47BA-ADF9-9E52C071BD7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2022:q3:*:*:*:*:*:*","matchCriteriaId":"340F61E5-D1ED-4C29-A894-8BC5C5B90ACE"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2022:q3_patch1:*:*:*:*:*:*","matchCriteriaId":"52CC3023-4913-40BA-B74C-786F32DC7551"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2022:q3_patch2:*:*:*:*:*:*","matchCriteriaId":"FC150E98-5889-4A65-84B8-E4871091D104"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2023:q1:*:*:*:*:*:*","matchCriteriaId":"D7DD2022-CFB7-4F38-B459-C1AFB55B5B68"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2023:q3:*:*:*:*:*:*","matchCriteriaId":"18AB0B07-72FE-4861-B69D-AD2E87C5382E"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2023:q3_patch1:*:*:*:*:*:*","matchCriteriaId":"91928C9C-F094-4EE4-9FBE-2B7956D68E6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2023:q3_patch2:*:*:*:*:*:*","matchCriteriaId":"044C4B51-C641-41F2-ACA0-834C99D63285"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2023:q3_patch3:*:*:*:*:*:*","matchCriteriaId":"26EEE5E3-AD37-4832-A66C-5F8F7A478F30"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2023:q3_patch4:*:*:*:*:*:*","matchCriteriaId":"5DC20B17-C582-42C4-9780-5DC61B4AED91"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2024:q1:*:*:*:*:*:*","matchCriteriaId":"7753CCDF-BAF8-4F91-B85B-EBB2B88F6F30"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2024:q1_patch1:*:*:*:*:*:*","matchCriteriaId":"953E8FD0-4420-4592-B696-C377D4EE0CA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2024:q3:*:*:*:*:*:*","matchCriteriaId":"5D99DCCD-511E-482E-8307-24382D1B621B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ni:labview:2024:q3_patch1:*:*:*:*:*:*","matchCriteriaId":"600A4905-B888-454F-9DF6-1C09FB71DBE2"}]}]}],"references":[{"url":"https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview-.html","source":"security@ni.com","tags":["Vendor Advisory"]}]}}]}