CVE-2017-2775 : An exploitable memory corruption vulnerability exists in the LvVariantUnflatten

An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting in internal heap corruption. An attacker controlled VI file can be used to trigger this vulnerability, exploitation could lead to remote code execution.

Published 2017-03-31 18:59:00

Updated 2022-04-19 19:15:20

Source Talos

View at NVD, CVE.org

Vulnerability category: OverflowMemory CorruptionExecute code

Products affected by CVE-2017-2775

NI » Labview » Version: 16.0.0.49152
cpe:2.3:a:ni:labview:16.0.0.49152:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-2775

EPSS FAQ

4.16%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 88 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-2775

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.5	HIGH	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H	1.6	5.9	Talos
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-2775

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-2775

http://www.talosintelligence.com/reports/TALOS-2017-0269/

TALOS-2017-0269 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
Exploit;Technical Description;Third Party Advisory;VDB Entry
http://www.ni.com/product-documentation/53778/en/

LabVIEW 64-bit LvVariantUnflatten Vulnerability - National Instruments
http://www.securityfocus.com/bid/97020

Ni LabVIEW CVE-2017-2775 Memory Corruption Vulnerability
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2017-2775

Products affected by CVE-2017-2775

Exploit prediction scoring system (EPSS) score for CVE-2017-2775

CVSS scores for CVE-2017-2775

CWE ids for CVE-2017-2775

References for CVE-2017-2775