Buffer Overflow Vulnerability in NI I/O Trace Tool Could Lead to Arbitrary Code Execution
CVE-2024-5602

7.8HIGH

Key Information:

Vendor: Ni
Status: Io Trace Tool
Vendor: CVE Published:; 23 July 2024

What is CVE-2024-5602?

The vulnerability arises from a stack-based buffer overflow in the NI I/O Trace Tool, caused by a missing bounds check. This flaw can potentially allow an attacker to execute arbitrary code on the vulnerable system. Exploitation requires that the victim open a specially crafted nitrace file, which poses a significant risk to the integrity and security of systems using this tool. The NI I/O Trace Tool is part of the NI System Configuration utilities and is utilized widely in various NI software environments, including instances where it functions under the previous name NI Spy. Users are encouraged to review the NI Security Advisory for more information on affected versions and to implement necessary measures promptly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

IO Trace Tool 0 <= 24.3

References

https://www.ni.com/en/support/security/available-critical...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 23, 2024
Vulnerability Reserved
Jun 3, 2024

Credit

Michael Heinzl working with CISA

JSON

Ni

What is CVE-2024-5602?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.