Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Unpatched Code Execution Vulnerability Affects LabVIEW

Cisco Talos security researchers have discovered a code execution vulnerability in National Instruments’ LabVIEW system design and development platform.

The LabVIEW engineering software is used in applications that require test, measurement, and control functions.

Cisco Talos security researchers have discovered a code execution vulnerability in National Instruments’ LabVIEW system design and development platform.

The LabVIEW engineering software is used in applications that require test, measurement, and control functions.

The vulnerability discovered by Talos can be triggered by opening specially crafted VI files, the proprietary file format used by LabVIEW. The issue, the researchers say, resides in a section of the VI file named ‘RSRC’, which presumably contains resource information.

Modifying values within this section of a VI file can cause a controlled looping condition resulting in an arbitrary null write. This vulnerability can be used by an attacker to create a specially crafted VI file that when opened results in the execution of code supplied by the attacker.

“An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW. A specially crafted VI file can cause an attacker controlled looping condition resulting in an arbitrary null write. An attacker controlled VI file can be used to trigger this vulnerability and can potentially result in code execution,” Talos reports.

Tracked as CVE-2017-2779 and featuring a CVSSv3 Score of 7.5, the vulnerability affects LabVIEW 2016 version 16.0. It is the second high severity code execution vulnerability Talos has discovered in the product this year, after a bug tracked as CVE-2017-2775 was resolved in March.

The security firm disclosed the findings to National Instruments in January, but no patch has been released for CVE-2017-2779, as the vendor does not consider it a vulnerability. Given that VI files are analogous to .exe files, the company claims that any .exe like file format can be modified to replace legitimate content with malicious one.

According to Talos, however, the vulnerability is similar to the .NET PE loader vulnerability CVE-2007-0041 that Microsoft resolved with MS07-040. The security firm also points out that many users might not be aware of the fact that VI files are analogous to .exe files and that the same security requirements should apply to them as well.

Advertisement. Scroll to continue reading.

“The consequences of a successful compromise of a system that interacts with the physical world, such as a data acquisition and control systems, may be critical to safety. Organizations that deploy such systems, even as pilot projects, should be aware of the risk posed by vulnerabilities such as these and adequately protect systems,” Talos notes.

Related: Code Execution Vulnerability Found in LabVIEW

Related: Cisco Finds Many Flaws in Moxa Industrial APs

Related: Serious Flaws Found in Aerospike Database Server

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.