A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions.
References
Configurations
Configuration 1 (hide)
|
History
17 Sep 2024, 14:16
Type | Values Removed | Values Added |
---|---|---|
First Time |
Ni
Ni veristand |
|
CPE | cpe:2.3:a:ni:veristand:2024:q2:*:*:*:*:*:* cpe:2.3:a:ni:veristand:*:*:*:*:*:*:*:* |
|
References | () https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html - Vendor Advisory |
24 Jul 2024, 12:55
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
22 Jul 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-22 21:15
Updated : 2024-09-17 14:16
NVD link : CVE-2024-6793
Mitre link : CVE-2024-6793
CVE.ORG link : CVE-2024-6793
JSON object : View
Products Affected
ni
- veristand
CWE
CWE-502
Deserialization of Untrusted Data