CVE-2013-5023
CVE-2013-5023 is a medium-severity vulnerability in Ni Diadem with a CVSS 2.0 base score of 4.3. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 4.3)
- EPSS exploit prediction: 1% (67th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Ni Diadem
- Published:
- Last modified:
Description
The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files.
Frequently asked questions
- What is CVE-2013-5023?
- The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files.
- How severe is CVE-2013-5023?
- CVE-2013-5023 has a CVSS 2.0 base score of 4.3, rated medium severity.
- Is CVE-2013-5023 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (67th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2013-5023?
- CVE-2013-5023 primarily affects Ni Diadem. In total, 5 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2013-5023?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2013-5023 published?
- CVE-2013-5023 was published on 2013-08-06 and last updated on 2026-06-16.
References
- http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument
- http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument
- http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument
Affected products (5)
- cpe:2.3:a:ni:diadem:*:*:*:*:*:*:*:*
- cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*
- cpe:2.3:a:ni:labwindows:*:*:*:*:*:*:*:*
- cpe:2.3:a:ni:measurementstudio:*:*:*:*:*:*:*:*
- cpe:2.3:a:ni:teststand:*:*:*:*:*:*:*:*
More vulnerabilities in Ni Diadem
- CVE-2023-5136 — Medium (CVSS 5.5): An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An…