Описание
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024 (включая)
Одно из
cpe:2.3:a:ni:veristand:*:*:*:*:*:*:*:*
cpe:2.3:a:ni:veristand:2024:q2:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05715
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-502
CWE-502
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions.
EPSS
Процентиль: 90%
0.05715
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-502
CWE-502