CVE-2024-6791

Name of the Vulnerable Software and Affected Versions NI VeriStand versions prior to 2024 Q2

Description A directory path traversal issue exists when loading a vsmodel file in NI VeriStand, potentially leading to remote code execution. Successful exploitation requires an attacker to trick a user into opening a specially crafted .vsmodel file.

Recommendations For versions prior to 2024 Q2, update to a version newer than 2024 Q2 to resolve the issue. As a temporary workaround, consider restricting the opening of .vsmodel files from untrusted sources to minimize the risk of exploitation.