CVE-2024-12741

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 18, 2024
CWE ID 502

Summary

CVE-2024-12741 is a deserialization vulnerability affecting NI DAQExpress, where untrusted data can be exploited to execute remote code. An attacker must first get a user to open a maliciously crafted project file. DAQExpress versions 5.1 and older are susceptible to this issue. Notably, DAQExpress is an end-of-life product and will receive no further updates.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share