Security News > 2017 > August > Cisco unveils LabVIEW code execution flaw that won’t be patched (Help Net Security)
2017-08-30 17:16
LabVIEW, the widely used system design and development platform developed by National Instruments, sports a memory corruption vulnerability that could lead to code execution. LabVIEW is commonly used for building data acquisition, instrument control, and industrial automation systems on a variety of operating systems: Windows, macOS, Linux and Unix. The vulnerability (CVE-2017-2779) The vulnerability was discovered by Cory Duplantis of Cisco Talos earlier this year, and reported to the company. It can be triggered by … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/xnjl81_W09c/
Related news
- Cisco creates architecture to improve security and sell you new switches (source)
- Governments issue alerts after 'sophisticated' state-backed actor found exploiting flaws in Cisco security boxes (source)
- Cisco’s Splunk Acquisition Should Help Security Pros See Threats Sooner in Australia and New Zealand (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-05 | CVE-2017-2779 | Out-of-bounds Write vulnerability in NI Labview An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. | 6.8 |