Forums

LabVIEW Warning

Started by Cedron 3 years ago80 views

Anybody who uses LabVIEW should probably be aware of this:

thehackernews.com/2017/08/hacking-labview-vi-file.html

I'm not a user, but I think I recall seeing it discussed here.  For those who don't want to read the article, the pertinent information is:

"If you're an engineer and use LabVIEW software to design machines or industrial equipments, you should be very suspicious while opening any VI (virtual instrument) file."

"Security researchers from Cisco's Talos Security Intelligence have discovered a critical vulnerability in LabVIEW software that could allow attackers to execute malicious code on a target computer, giving them full control of the system."

"A specially crafted LabVIEW virtual instrument file (with the *.vi extension) can cause an attacker controlled looping condition resulting in an arbitrary null write,"

Ced