PT-2024-17081 · National Instruments · Ni Flexlogger

06Fe5Fd2Bc53027C4A3B7E395Af0B850E7B8A044

Published

2024-02-20

Updated

2024-02-28

CVE-2024-1155

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NI FlexLogger versions (affected versions not specified)

Description The issue is related to incorrect permissions in the installation directories for shared SystemLink Elixir based services. This may allow an authenticated user to potentially enable escalation of privilege via local access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Authorization

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863CWE-276

Related Identifiers

CVE-2024-1155

ZDI-24-209

ZDI-24-210

ZDI-24-211

ZDI-24-212

ZDI-24-213

Affected Products

Ni Flexlogger

PT-2024-17081 · National Instruments · Ni Flexlogger

CVE-2024-1155

Weakness Enumeration

Related Identifiers

Affected Products

References · 11