nvd-json-data-feeds/CVE-2024/CVE-2024-127xx/CVE-2024-12740.json

{
  "id": "CVE-2024-12740",
  "sourceIdentifier": "security@ni.com",
  "published": "2025-01-27T18:15:36.743",
  "lastModified": "2025-01-27T18:15:36.743",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities.  These vulnerabilities may result in arbitrary code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted file."
    },
    {
      "lang": "es",
      "value": "El software de visi\u00f3n de NI utiliz\u00f3 un librer\u00eda de terceros para el procesamiento de im\u00e1genes que expone varias vulnerabilidades. Estas vulnerabilidades pueden provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Para explotarlas con \u00e9xito, un atacante debe conseguir que un usuario abra un archivo manipulado especial."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "security@ni.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "PASSIVE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NO",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "security@ni.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "references": [
    {
      "url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/dependency-on-vulnerable-third-party-component-exposes-vulnerabi.html",
      "source": "security@ni.com"
    }
  ]
}
Auto-Update: 2025-01-27T19:00:26.917942+00:00 2025-01-27 19:03:53 +00:00			`{`
			`"id": "CVE-2024-12740",`
			`"sourceIdentifier": "security@ni.com",`
			`"published": "2025-01-27T18:15:36.743",`
			`"lastModified": "2025-01-27T18:15:36.743",`
Auto-Update: 2025-02-09T03:00:20.560002+00:00 2025-02-09 03:03:48 +00:00			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2025-01-27T19:00:26.917942+00:00 2025-01-27 19:03:53 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file."`
Auto-Update: 2025-02-02T03:00:20.459795+00:00 2025-02-02 03:03:49 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "El software de visi\u00f3n de NI utiliz\u00f3 un librer\u00eda de terceros para el procesamiento de im\u00e1genes que expone varias vulnerabilidades. Estas vulnerabilidades pueden provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Para explotarlas con \u00e9xito, un atacante debe conseguir que un usuario abra un archivo manipulado especial."`
Auto-Update: 2025-01-27T19:00:26.917942+00:00 2025-01-27 19:03:53 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV40": [`
			`{`
			`"source": "security@ni.com",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "4.0",`
			`"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X",`
			`"baseScore": 7.0,`
			`"baseSeverity": "HIGH",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"attackRequirements": "NONE",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "PASSIVE",`
Auto-Update: 2025-03-02T03:00:19.570958+00:00 2025-03-02 03:03:52 +00:00			`"vulnConfidentialityImpact": "HIGH",`
			`"vulnIntegrityImpact": "HIGH",`
			`"vulnAvailabilityImpact": "HIGH",`
			`"subConfidentialityImpact": "NONE",`
			`"subIntegrityImpact": "NONE",`
			`"subAvailabilityImpact": "NONE",`
Auto-Update: 2025-01-27T19:00:26.917942+00:00 2025-01-27 19:03:53 +00:00			`"exploitMaturity": "NOT_DEFINED",`
Auto-Update: 2025-03-02T03:00:19.570958+00:00 2025-03-02 03:03:52 +00:00			`"confidentialityRequirement": "NOT_DEFINED",`
			`"integrityRequirement": "NOT_DEFINED",`
			`"availabilityRequirement": "NOT_DEFINED",`
Auto-Update: 2025-01-27T19:00:26.917942+00:00 2025-01-27 19:03:53 +00:00			`"modifiedAttackVector": "NOT_DEFINED",`
			`"modifiedAttackComplexity": "NOT_DEFINED",`
			`"modifiedAttackRequirements": "NOT_DEFINED",`
			`"modifiedPrivilegesRequired": "NOT_DEFINED",`
			`"modifiedUserInteraction": "NOT_DEFINED",`
Auto-Update: 2025-03-02T03:00:19.570958+00:00 2025-03-02 03:03:52 +00:00			`"modifiedVulnConfidentialityImpact": "NOT_DEFINED",`
			`"modifiedVulnIntegrityImpact": "NOT_DEFINED",`
			`"modifiedVulnAvailabilityImpact": "NOT_DEFINED",`
			`"modifiedSubConfidentialityImpact": "NOT_DEFINED",`
			`"modifiedSubIntegrityImpact": "NOT_DEFINED",`
			`"modifiedSubAvailabilityImpact": "NOT_DEFINED",`
			`"Safety": "NOT_DEFINED",`
			`"Automatable": "NO",`
			`"Recovery": "NOT_DEFINED",`
Auto-Update: 2025-01-27T19:00:26.917942+00:00 2025-01-27 19:03:53 +00:00			`"valueDensity": "NOT_DEFINED",`
			`"vulnerabilityResponseEffort": "NOT_DEFINED",`
			`"providerUrgency": "NOT_DEFINED"`
			`}`
			`}`
			`],`
			`"cvssMetricV31": [`
			`{`
			`"source": "security@ni.com",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",`
			`"baseScore": 7.8,`
			`"baseSeverity": "HIGH",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "REQUIRED",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH"`
			`},`
			`"exploitabilityScore": 1.8,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
			`"references": [`
			`{`
			`"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/dependency-on-vulnerable-third-party-component-exposes-vulnerabi.html",`
			`"source": "security@ni.com"`
			`}`
			`]`
			`}`