ID

VAR-201703-0962


CVE

CVE-2017-2775


TITLE

LabVIEW Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-002811

DESCRIPTION

An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting in internal heap corruption. An attacker controlled VI file can be used to trigger this vulnerability, exploitation could lead to remote code execution. LabVIEW Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. Ni LabVIEW is prone to a memory corruption vulnerability. Successfully exploiting this issue will allow the attacker to execute arbitrary code within the context of the system. Failed exploit attempts will result in a denial-of-service condition. LabVIEW 16.0.0.49152 is vulnerable; other versions may also be affected

Trust: 1.89

sources: NVD: CVE-2017-2775 // JVNDB: JVNDB-2017-002811 // BID: 97020

AFFECTED PRODUCTS

vendor:nimodel:labviewscope:eqversion:16.0.0.49152

Trust: 1.9

vendor:national instrumentsmodel:labviewscope:eqversion:16.0.0.49152

Trust: 0.8

sources: BID: 97020 // JVNDB: JVNDB-2017-002811 // CNNVD: CNNVD-201703-1073 // NVD: CVE-2017-2775

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-2775
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2017-2775
value: HIGH

Trust: 1.0

NVD: CVE-2017-2775
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201703-1073
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2017-2775
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2017-2775
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

talos-cna@cisco.com: CVE-2017-2775
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: JVNDB: JVNDB-2017-002811 // CNNVD: CNNVD-201703-1073 // NVD: CVE-2017-2775 // NVD: CVE-2017-2775

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2017-002811 // NVD: CVE-2017-2775

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201703-1073

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201703-1073

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002811

PATCH

title:Top Pageurl:http://www.ni.com/labview/ja/

Trust: 0.8

sources: JVNDB: JVNDB-2017-002811

EXTERNAL IDS

db:TALOSid:TALOS-2017-0269

Trust: 2.7

db:NVDid:CVE-2017-2775

Trust: 2.7

db:BIDid:97020

Trust: 2.7

db:JVNDBid:JVNDB-2017-002811

Trust: 0.8

db:CNNVDid:CNNVD-201703-1073

Trust: 0.6

sources: BID: 97020 // JVNDB: JVNDB-2017-002811 // CNNVD: CNNVD-201703-1073 // NVD: CVE-2017-2775

REFERENCES

url:http://www.talosintelligence.com/reports/talos-2017-0269/

Trust: 2.4

url:http://www.securityfocus.com/bid/97020

Trust: 2.4

url:http://www.ni.com/product-documentation/53778/en/

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2775

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-2775

Trust: 0.8

url:http://www.ni.com/labview/

Trust: 0.3

url:http://www.talosintelligence.com/reports/talos-2017-0269/

Trust: 0.3

url:http://blog.talosintelligence.com/2017/03/vulnerability-spotlight-code-execution.html

Trust: 0.3

sources: BID: 97020 // JVNDB: JVNDB-2017-002811 // CNNVD: CNNVD-201703-1073 // NVD: CVE-2017-2775

CREDITS

Cory Duplantis of Cisco Talos.

Trust: 0.9

sources: BID: 97020 // CNNVD: CNNVD-201703-1073

SOURCES

db:BIDid:97020
db:JVNDBid:JVNDB-2017-002811
db:CNNVDid:CNNVD-201703-1073
db:NVDid:CVE-2017-2775

LAST UPDATE DATE

2024-11-23T22:52:32.319000+00:00


SOURCES UPDATE DATE

db:BIDid:97020date:2017-03-29T01:01:00
db:JVNDBid:JVNDB-2017-002811date:2017-05-01T00:00:00
db:CNNVDid:CNNVD-201703-1073date:2022-04-20T00:00:00
db:NVDid:CVE-2017-2775date:2024-11-21T03:24:07.950

SOURCES RELEASE DATE

db:BIDid:97020date:2017-03-22T00:00:00
db:JVNDBid:JVNDB-2017-002811date:2017-05-01T00:00:00
db:CNNVDid:CNNVD-201703-1073date:2017-03-28T00:00:00
db:NVDid:CVE-2017-2775date:2017-03-31T18:59:00.483