CVE-2024-6805 – Missing Authorization Checks in NI VeriStand Gateway for File Transfer Resources
https://notcve.org/view.php?id=CVE-2024-6805
These missing checks may result in information disclosure or remote code execution. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/missing-authorization-checks-in-ni-veristand-gateway.html • CWE-862: Missing Authorization •
CVE-2024-6794 – Deserialization of Untrusted Data in NI VeriStand Waveform Streaming Server
https://notcve.org/view.php?id=CVE-2024-6794
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI VeriStand. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html • CWE-502: Deserialization of Untrusted Data •
CVE-2024-6793 – Deserialization of Untrusted Data in NI VeriStand DataLogging Server
https://notcve.org/view.php?id=CVE-2024-6793
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI VeriStand. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html • CWE-502: Deserialization of Untrusted Data •
CVE-2024-6791 – Directory Path Traversal Vulnerability in NI VeriStand with vsmodel Files
https://notcve.org/view.php?id=CVE-2024-6791
A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI VeriStand. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/directory-path-traversal-vulnerability-in-ni-veristand-with-vsmodel-files.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-6675 – Deserialization of Untrusted Data Vulnerability in NI VeriStand Project File
https://notcve.org/view.php?id=CVE-2024-6675
A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in remote code execution. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI VeriStand. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerability-in-ni-veristand-project-file.html • CWE-502: Deserialization of Untrusted Data •