First published: Mon Jul 22 2024(Updated: )
A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .vsmodel file. This vulnerability affects VeriStand 2024 Q2 and prior versions.
Credit: security@ni.com
Affected Software | Affected Version | How to fix |
---|---|---|
NI VeriStand | <=2024 | |
NI VeriStand | =2024-q2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-6791 is classified as a critical vulnerability due to its potential for remote code execution.
To mitigate CVE-2024-6791, ensure you update to the latest version of NI VeriStand released after the discovery of this vulnerability.
CVE-2024-6791 affects users of NI VeriStand 2024 Q2 and earlier versions.
CVE-2024-6791 is caused by a directory path traversal vulnerability when loading specially crafted .vsmodel files.
If you have opened a vulnerable .vsmodel file, it is recommended to run a thorough malware scan and apply security patches immediately.