CVE-2024-6794

A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ni:veristand:*:*:*:*:*:*:*:*
cpe:2.3:a:ni:veristand:2024:q2:*:*:*:*:*:*

History

17 Sep 2024, 14:15

Type Values Removed Values Added
CPE cpe:2.3:a:ni:veristand:2024:q2:*:*:*:*:*:*
cpe:2.3:a:ni:veristand:*:*:*:*:*:*:*:*
References () https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html - () https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html - Vendor Advisory
First Time Ni
Ni veristand

24 Jul 2024, 12:55

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad de deserialización de datos no confiables en NI VeriStand Waveform Streaming Server que puede resultar en la ejecución remota de código. La explotación exitosa requiere que un atacante envíe un mensaje especialmente manipulado. Estas vulnerabilidades afectan a NI VeriStand 2024 Q2 y versiones anteriores.

22 Jul 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-22 21:15

Updated : 2024-09-17 14:15


NVD link : CVE-2024-6794

Mitre link : CVE-2024-6794

CVE.ORG link : CVE-2024-6794


JSON object : View

Products Affected

ni

  • veristand
CWE
CWE-502

Deserialization of Untrusted Data