Every CVE whose affected-product data names Ni Veristand, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-6793 — CVSS 9.8 (critical): A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution…
CVE-2024-6794 — CVSS 9.8 (critical): A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code…
CVE-2024-6806 — CVSS 9.8 (critical): The NI VeriStand Gateway is missing authorization checks when an actor attempts to access Project resources. These missing checks may…
CVE-2024-6791 — CVSS 7.8 (high): A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution…
CVE-2024-6805 — CVSS 7.5 (high): The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File Transfer resources. These missing checks may…
CVE-2023-5136 — CVSS 5.5 (medium): An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit…