Details of VAR-201709-1022

ID

VAR-201709-1022

CVE

CVE-2017-2779

TITLE

LabVIEW Vulnerable to out-of-bounds writing

Trust: 0.8

sources: JVNDB: JVNDB-2017-007773

DESCRIPTION

An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument (VI) file can cause an attacker controlled looping condition resulting in an arbitrary null write. An attacker controlled VI file can be used to trigger this vulnerability and can potentially result in code execution. LabVIEW Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. National Instruments LabVIEW is prone to a memory-corruption vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Note that this issue could be exploited to execute arbitrary code; however, this has not been confirmed. National Instruments LabVIEW 2016 version 16.0 is vulnerable; other versions may also be affected

Trust: 1.89

sources: NVD: CVE-2017-2779 // JVNDB: JVNDB-2017-007773 // BID: 100519

AFFECTED PRODUCTS

vendor:	ni	model:	labview	scope:	eq	version:	2016	Trust: 1.6
vendor:	ni	model:	labview	scope:	eq	version:	2017	Trust: 1.6
vendor:	ni	model:	labview	scope:	eq	version:	2014	Trust: 1.6
vendor:	ni	model:	labview	scope:	eq	version:	2015	Trust: 1.6
vendor:	national instruments	model:	labview	scope:	eq	version:	2014	Trust: 0.8
vendor:	national instruments	model:	labview	scope:	eq	version:	2015	Trust: 0.8
vendor:	national instruments	model:	labview	scope:	eq	version:	2016	Trust: 0.8
vendor:	national instruments	model:	labview	scope:	eq	version:	2017	Trust: 0.8
vendor:	national	model:	instruments labview	scope:	eq	version:	201616.0	Trust: 0.3

sources: BID: 100519 // JVNDB: JVNDB-2017-007773 // CNNVD: CNNVD-201709-089 // NVD: CVE-2017-2779

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-2779
value:	HIGH
Trust: 1.0
talos-cna@cisco.com:	CVE-2017-2779
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-2779
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201709-089
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2017-2779
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

nvd@nist.gov:	CVE-2017-2779
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8
talos-cna@cisco.com:	CVE-2017-2779
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: JVNDB: JVNDB-2017-007773 // CNNVD: CNNVD-201709-089 // NVD: CVE-2017-2779 // NVD: CVE-2017-2779

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.8

sources: JVNDB: JVNDB-2017-007773 // NVD: CVE-2017-2779

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201709-089

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201709-089

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-007773

PATCH

title:	Incomplete RSRC Validation in LabVIEW	url:	http://www.ni.com/product-documentation/54099/en/	Trust: 0.8
title:	National Instruments Compactrio Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=190035	Trust: 0.6

sources: JVNDB: JVNDB-2017-007773 // CNNVD: CNNVD-201709-089

EXTERNAL IDS

db:	NVD	id:	CVE-2017-2779	Trust: 2.7
db:	TALOS	id:	TALOS-2017-0273	Trust: 1.9
db:	BID	id:	100519	Trust: 1.9
db:	JVNDB	id:	JVNDB-2017-007773	Trust: 0.8
db:	CNNVD	id:	CNNVD-201709-089	Trust: 0.6

sources: BID: 100519 // JVNDB: JVNDB-2017-007773 // CNNVD: CNNVD-201709-089 // NVD: CVE-2017-2779

REFERENCES

url:	http://www.securityfocus.com/bid/100519	Trust: 1.6
url:	https://0patch.blogspot.com/2017/09/0patching-rsrc-arbitrary-null-write.html	Trust: 1.6
url:	http://www.ni.com/product-documentation/54099/en/	Trust: 1.6
url:	https://www.talosintelligence.com/vulnerability_reports/talos-2017-0273	Trust: 1.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2779	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-2779	Trust: 0.8
url:	https://talosintelligence.com/vulnerability_reports/talos-2017-0273	Trust: 0.6
url:	http://www.ni.com/en-gb/shop/labview.html	Trust: 0.3

sources: BID: 100519 // JVNDB: JVNDB-2017-007773 // CNNVD: CNNVD-201709-089 // NVD: CVE-2017-2779

CREDITS

Cory Duplantis of Cisco Talos.

Trust: 0.9

sources: BID: 100519 // CNNVD: CNNVD-201709-089

SOURCES

db:	BID	id:	100519
db:	JVNDB	id:	JVNDB-2017-007773
db:	CNNVD	id:	CNNVD-201709-089
db:	NVD	id:	CVE-2017-2779

LAST UPDATE DATE

2024-08-14T13:29:49.601000+00:00

SOURCES UPDATE DATE

db:	BID	id:	100519	date:	2017-08-29T00:00:00
db:	JVNDB	id:	JVNDB-2017-007773	date:	2017-10-03T00:00:00
db:	CNNVD	id:	CNNVD-201709-089	date:	2022-04-21T00:00:00
db:	NVD	id:	CVE-2017-2779	date:	2022-04-19T19:15:20.043

SOURCES RELEASE DATE

db:	BID	id:	100519	date:	2017-08-29T00:00:00
db:	JVNDB	id:	JVNDB-2017-007773	date:	2017-10-03T00:00:00
db:	CNNVD	id:	CNNVD-201709-089	date:	2017-08-29T00:00:00
db:	NVD	id:	CVE-2017-2779	date:	2017-09-05T18:29:00.257