9.3
CVE-2024-6913 - Execution with Unnecessary Privileges
Execution with unnecessary privileges in PerkinElmer ProcessPlus allows an attacker to spawn a remote shell on the windows system.This issue affects ProcessPlus: through 1.11.6507.0.
9.3
CVE-2024-6912 - Hardcoded MSSQL Credentials
Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to login remove on all prone installations.This issue affects ProcessPlus: through 1.11.6507.0.
9.8
CVE-2024-6794 - Deserialization of Untrusted Data in NI VeriStand Waveform Streaming Server
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions.
9.8
CVE-2024-6793 - Deserialization of Untrusted Data in NI VeriStand DataLogging Server
Aย deserialization of untrusted dataย vulnerabilityย exists in NI VeriStand DataLogging Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions.
8.7
CVE-2024-6911 - Unauthenticated Local File Inclusion
Files on the Windows system are accessible without authentication to external parties due to a local file inclusion in PerkinElmer ProcessPlus.This issue affects ProcessPlus: through 1.11.6507.0.
7.8
CVE-2024-6791 - Directory Path Traversal Vulnerability in NI VeriStand with vsmodel Files
A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .vsmodel file. This vulnerability affects VeriStand 2024 Q2 and prior versioโฆ
7.8
CVE-2024-6675 - Deserialization of Untrusted Data Vulnerability in NI VeriStand Project File
A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects VeriStand 2024 Q2 and prior versions.
5.5
CVE-2024-6638 - Integer Overflow Vulnerability Reading TDMS Files in LabVIEW
An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions.
7.8
CVE-2024-6121 - NI SystemLink Server Ships Out of Date Redis Version
An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service.
5.5
CVE-2024-6122 - Incorrect Default Directory Permissions for NI SystemLink Redis Service
An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which inโฆ