PT-2023-29652 · National Instruments · Ni-Measurementlink-Service

Published: 2023-10-05 · Updated: 2023-10-12 · CVE-2023-4570

CVSS v3.1: 8.8 (High)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

ni-measurementlink-service versions 1.1.0 and earlier

Description

An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node.

Recommendations

For versions 1.1.0 and earlier, upgrade to version 1.1.1 or later of the ni-measurementlink-service Python package to resolve the issue. As a temporary workaround, consider restricting access to the services exposed on localhost to minimize the risk of exploitation.

Related Identifiers

CVE-2023-4570
GHSA-3F48-9J7Q-Q2GV

Affected Products

Ni-Measurementlink-Service