Platform: windows
Component: ni-labview
Fixed in: 23.0.0, 23.3.9, 24.3.6, 25.3.4, 26.1.1
CVE-2026-32861 describes a memory corruption vulnerability discovered in NI LabVIEW. This flaw stems from an out-of-bounds write condition triggered when the application processes a corrupted LVCLASS file. Successful exploitation could lead to information disclosure or even arbitrary code execution, impacting users of NI LabVIEW versions 0.0.0 through 26.1.1. A patch is available in version 26.1.1.
The core of this vulnerability lies in the improper handling of LVCLASS files. An attacker could craft a malicious .lvclass file designed to trigger the out-of-bounds write. Upon a user opening this file within NI LabVIEW, the vulnerability could be exploited. The potential impact is significant, ranging from the disclosure of sensitive information stored within the application's memory to the execution of arbitrary code. This could allow an attacker to gain control of the affected system, install malware, or steal data. The requirement for user interaction (opening the malicious file) limits the immediate scope, but widespread use of LabVIEW increases the potential attack surface.
CVE-2026-32861 was publicly disclosed on April 7, 2026. Currently, there is no indication of active exploitation or a KEV listing. No public proof-of-concept (PoC) code has been released. The vulnerability's reliance on user interaction suggests a lower probability of widespread exploitation compared to remote, unauthenticated vulnerabilities, but the potential impact warrants prompt patching.
Organizations and individuals heavily reliant on NI LabVIEW for data acquisition, instrument control, and automation are at risk. This includes researchers, engineers, and technicians working in fields such as scientific research, industrial automation, and test and measurement. Legacy LabVIEW deployments and systems with limited patching capabilities are particularly vulnerable.
• windows / supply-chain:
Get-Process -Name "LabVIEW" | Select-Object -ExpandProperty Path
• windows / supply-chain:
Get-ScheduledTask | Where-Object {$_.TaskName -like "*LabVIEW*"}
• windows / supply-chain:
reg query "HKLM\SOFTWARE\National Instruments\LabVIEW" /v Version
Exploit Status
EPSS: 0.02% (5th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-32861 is to upgrade to NI LabVIEW version 26.1.1 or later, which includes the fix for this vulnerability. If upgrading immediately is not feasible, consider implementing stricter file access controls to prevent users from opening untrusted .lvclass files. Educate users about the risks of opening files from unknown or untrusted sources. While a WAF or proxy cannot directly mitigate this file parsing vulnerability, they can be configured to block known malicious file extensions or patterns. Verify the upgrade by attempting to load a known-safe LVCLASS file and confirming no errors or crashes occur.
Update to NI LabVIEW version 26.1.1 or later to mitigate the vulnerability. The update fixes an out-of-bounds write error when processing corrupted LVCLASS files, preventing possible information disclosure or arbitrary code execution. Download the update from the NI support website.
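One way to act on the mitigation advice above on a Windows host, as an added example (not NI's code and not part of the original advisory): it compares the installed version, read from the registry value the page queries, with the fixed release 26.1.1, then lists .lvclass files that carry a Mark-of-the-Web from the Internet or Restricted zone. The scan folders in $ScanRoots are assumptions; adjust them to where received files land in your environment.

```powershell
# Added example, not vendor code. Registry key/value are the ones the page queries;
# $ScanRoots is a hypothetical list of folders where received files usually land.
$FixedVersion = [version]'26.1.1'
$RegKey       = 'HKLM:\SOFTWARE\National Instruments\LabVIEW'
$ScanRoots    = @("$env:USERPROFILE\Downloads", "$env:USERPROFILE\Desktop", $env:TEMP)

# 1. Compare the installed version with the fixed release.
$raw = (Get-ItemProperty -Path $RegKey -Name Version -ErrorAction SilentlyContinue).Version
$installed = $null
# Drop any non-numeric suffix before parsing; TryParse needs at least major.minor.
if ($raw -and [version]::TryParse(($raw -replace '[^0-9.].*$', ''), [ref]$installed)) {
    if ($installed -lt $FixedVersion) {
        Write-Warning "LabVIEW $installed is older than $FixedVersion: upgrade required."
    } else {
        Write-Output "LabVIEW $installed is at or above $FixedVersion."
    }
} else {
    Write-Warning "Could not read a LabVIEW version from $RegKey; check the install manually."
}

# 2. Inventory .lvclass files and read their Mark-of-the-Web (Zone.Identifier stream).
#    ZoneId 3 = Internet, 4 = Restricted; files without the stream report 'none'.
$roots = $ScanRoots | Where-Object { $_ -and (Test-Path -LiteralPath $_) }
$findings = foreach ($root in $roots) {
    Get-ChildItem -Path $root -Recurse -File -Filter '*.lvclass' -ErrorAction SilentlyContinue |
        ForEach-Object {
            $ads = Get-Content -LiteralPath $_.FullName -Stream 'Zone.Identifier' `
                               -ErrorAction SilentlyContinue
            $m = [regex]::Match(($ads -join "`n"), '(?m)^ZoneId=(\d+)')
            $zone = if ($m.Success) { [int]$m.Groups[1].Value } else { 'none' }
            [pscustomobject]@{
                Path      = $_.FullName
                ZoneId    = $zone
                Untrusted = ($m.Success -and $zone -ge 3)
                Modified  = $_.LastWriteTime
            }
        }
}

# Untrusted files first, so they can be quarantined or reviewed before anyone opens them.
$findings | Sort-Object -Property Untrusted -Descending | Format-Table -AutoSize
```

A file with no Zone.Identifier stream is not proven safe: archives extracted by some tools and files copied from non-NTFS media lose the marker.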
CVE-2026-32861 is a memory corruption vulnerability in NI LabVIEW versions 0.0.0–26.1.1, allowing potential information disclosure or arbitrary code execution via a corrupted .lvclass file.
You are affected if you are using NI LabVIEW versions prior to 26.1.1. Check your installed version against the affected range to determine your risk.
Upgrade to NI LabVIEW version 26.1.1 or later to resolve this vulnerability. Ensure you back up your system before applying the update.
As of the last update, there is no evidence of active exploitation of CVE-2026-32861, but vigilance is still advised.
Refer to the National Instruments security advisory page for the latest information and updates regarding CVE-2026-32861: [https://www.ni.com/en-us/shop/security/security-advisories.html]