This page provides information about published security advisories for NI software in 2023. Click the link in the Info Code column to obtain more information or to download the update.
| Name | Type | Description | Info Code |
|---|---|---|---|
NI Security Update for CVE-2023-4570 | Software | An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. This affects measurement plug-ins written in Python using version 1.1.0 of the ni-measurementlink-service Python package and all previous versions. | |
| NI Security Update for CVE-2023-4601 | Software | A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. | CVE-2023-4601 |
| Name | Type | Description | Info Code |
|---|---|---|---|
NI Security Update for CVE-2023-5136 | Software | An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file. |