Arbitrary Code Execution Vulnerability in NI Vision Software Using Third-Party Libraries
CVE-2024-12740

7HIGH

Key Information:

Vendor: Ni
Status: Vision Development Module; Flexrio; Ni-imaqdx; Vision Acquisition Software
Vendor: CVE Published:; 27 January 2025

What is CVE-2024-12740?

The NI Vision Software utilizes a third-party library for image processing, which contains several vulnerabilities that could potentially lead to arbitrary code execution. An attacker can exploit these vulnerabilities if they successfully trick a user into opening a specially crafted file, thereby compromising the system's security. It's crucial for users to remain vigilant and apply necessary updates to mitigate the risks associated with these vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Data Record AD 0 <= 2.0

FlexRIO 0 < 25.0

FRC Game Tools 0 <= 25.0

References

https://www.ni.com/en/support/security/available-critical...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Dec 17, 2024

Credit

kimiya working with Trend Micro Zero Day Initiative

JSON

Ni

What is CVE-2024-12740?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.