Unrated severityNVD Advisory· Published Aug 6, 2013· Updated Apr 29, 2026

CVE-2013-5022

Description

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.

Affected products

Ni/Labview
cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*
Range: <=2012
Ni/Labwindows
cpe:2.3:a:ni:labwindows:*:*:*:*:*:*:*:*
Range: <=2012
Ni/Measurementstudio
cpe:2.3:a:ni:measurementstudio:*:*:*:*:*:*:*:*
Range: <=2013
Ni/Teststand
cpe:2.3:a:ni:teststand:*:*:*:*:*:*:*:*
Range: <=2012

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623nvdPatchVendor Advisory
digital.ni.com/public.nsf/websearch/C4619A438F7E78E486257B360050BD7DnvdVendor Advisory
digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000