Multiple vulnerabilities in NI VeriStand



Published: 2024-08-19
Risk High
Patch available YES
Number of vulnerabilities 8
CVE-ID CVE-2024-6675
CVE-2024-6805
CVE-2024-6806
CVE-2024-6794
CVE-2024-6793
CVE-2024-6791
CWE-ID CWE-502
CWE-749
CWE-22
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
VeriStand
Other software / Other software solutions

Vendor National Instruments

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Deserialization of Untrusted Data

EUVDB-ID: #VU96194

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-6675

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can trick a victim to open a specially crafted NIVSPRJ file and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

VeriStand: 2020 - 2024

CPE2.3 External links

http://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerability-in-ni-veristand-project-file.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1031/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Exposed dangerous method or function

EUVDB-ID: #VU96220

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-6805

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to exposed dangerous method or function within the processing of service requests in the ProjectServer component. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

VeriStand: 2020 - 2024

CPE2.3 External links

http://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/missing-authorization-checks-in-ni-veristand-gateway.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1024/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Exposed dangerous method or function

EUVDB-ID: #VU96219

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-6805

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to exposed dangerous method or function within the IFileTransferServer component. A remote attacker can disclose information in the context of the current user.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

VeriStand: 2020 - 2024

CPE2.3 External links

http://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/missing-authorization-checks-in-ni-veristand-gateway.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1025/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Exposed dangerous method or function

EUVDB-ID: #VU96218

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-6806

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to exposed dangerous method or function within the processing of service requests in the ProjectServer component. A remote attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

VeriStand: 2020 - 2024

CPE2.3 External links

http://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/missing-authorization-checks-in-ni-veristand-gateway.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1026/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Exposed dangerous method or function

EUVDB-ID: #VU96217

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-6806

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to exposed dangerous method or function within the processing of service requests in the ProjectServer component. A remote attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

VeriStand: 2020 - 2024

CPE2.3 External links

http://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/missing-authorization-checks-in-ni-veristand-gateway.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1027/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Deserialization of Untrusted Data

EUVDB-ID: #VU96216

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-6794

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the processing of service requests in the WaveformStreamingServer component. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

VeriStand: 2020 - 2024

CPE2.3 External links

http://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1028/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Deserialization of Untrusted Data

EUVDB-ID: #VU96212

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-6793

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the processing of service requests in the DataLoggingServer component. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

VeriStand: 2020 - 2024

CPE2.3 External links

http://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1029/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Path traversal

EUVDB-ID: #VU96211

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-6791

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can trick a victim to open a specially crafted VSMODEL file and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install update from vendor's website.

Vulnerable software versions

VeriStand: 2020 - 2024

CPE2.3 External links

http://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/directory-path-traversal-vulnerability-in-ni-veristand-with-vsmodel-files.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1030/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###