Researchers identified a vulnerability in National Instruments LabVIEW software that will not receive patch by the vendor. The vulnerability (CVE-2017-2779) was discovered by Cisco Talos and disclosed to National Instruments in January. Researchers linked the flaw to an exploitable memory corruption bug that exists in the RSRC segment parsing functionality of LabVIEW s software. National Instruments does not consider that this issue constitutes a. vulnerability in their product, since any. file format can be modified to replace legitimate content with malicious.
Source: https://threatpost.com/no-fix-planned-for-labview-bug-says-national-instruments/127782/