There is an Unquoted Service Path in NI Service Locator in versions prior to 18.0. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges. This vulnerability is described in CVE-2021-42563.
The NI Service Locator is installed with many NI products. This vulnerability applies to Windows systems only. Refer to the Mitigation Guidance section for identifying the version of NI Service Locator installed and how to upgrade or install the patch.
NI strongly recommends upgrading or applying the available patches.