Vulnerabilities > NI > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-05 | CVE-2023-4570 | Unspecified vulnerability in NI Measurementlink 1.0.0/1.0.1/1.1.0 An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. low complexity ni | 8.8 |
2022-12-01 | CVE-2022-42718 | Incorrect Default Permissions vulnerability in NI Labview Command Line Interface Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2022-09-16 | CVE-2022-35415 | Improper Input Validation vulnerability in NI Configuration Manager An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access. | 7.8 |
2021-11-12 | CVE-2021-42563 | Unquoted Search Path or Element vulnerability in NI Service Locator There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. | 7.8 |
2021-09-17 | CVE-2021-38304 | Improper Input Validation vulnerability in NI Ni-Pal 20.0.0 Improper input validation in the National Instruments NI-PAL driver in versions 20.0.0 and prior may allow a privileged user to potentially enable escalation of privilege via local access. | 7.8 |
2020-12-11 | CVE-2020-25191 | Incorrect Permission Assignment for Critical Resource vulnerability in NI Compactrio Firmware Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior to 20.5) remotely. | 7.5 |
2017-09-05 | CVE-2017-2779 | Out-of-bounds Write vulnerability in NI Labview An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. | 7.8 |
2017-03-31 | CVE-2017-2775 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NI Labview 16.0.0.49152 An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. | 7.8 |