CVE-2024-12741
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Dec 18, 2024
CWE ID 502
Summary
CVE-2024-12741 is a deserialization vulnerability affecting NI DAQExpress, where untrusted data can be exploited to execute remote code. An attacker must first get a user to open a maliciously crafted project file. DAQExpress versions 5.1 and older are susceptible to this issue. Notably, DAQExpress is an end-of-life product and will receive no further updates.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share