CVE-2024-10496

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 10, 2024
CWE ID 1285

Summary

CVE-2024-10496 is a vulnerability affecting NI LabVIEW, specifically the BuildFontMap function in fontmgr.cpp. The flaw stems from insufficient input validation, resulting in an out-of-bounds read. An attacker could exploit this vulnerability by supplying a maliciously crafted VI to a user. Successful exploitation may lead to sensitive information disclosure or arbitrary code execution. This vulnerability impacts LabVIEW 2024 Q3 and earlier versions.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share