FlexLogger
by Ni
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-4044 | Hig | 0.52 | 7.8 | 0.15 | May 14, 2024 | A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability… | ||
| CVE-2025-2449 | 0.02 | — | 0.20 | Mar 18, 2025 | NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2024-6121 | 0.00 | — | 0.00 | Jul 22, 2024 | An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this… | |||
| CVE-2024-6122 | 0.00 | — | 0.00 | Jul 22, 2024 | An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and… | |||
| CVE-2024-1156 | 0.00 | — | 0.00 | Feb 20, 2024 | Incorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration information and potentially enable escalation of privileges. | |||
| CVE-2024-1155 | 0.00 | — | 0.00 | Feb 20, 2024 | Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2023-5136 | 0.00 | — | 0.00 | Nov 8, 2023 | An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file. |
- risk 0.52cvss 7.8epss 0.15
A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability…
- CVE-2025-2449Mar 18, 2025risk 0.02cvss —epss 0.20
NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the…
- CVE-2024-6121Jul 22, 2024risk 0.00cvss —epss 0.00
An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this…
- CVE-2024-6122Jul 22, 2024risk 0.00cvss —epss 0.00
An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and…
- CVE-2024-1156Feb 20, 2024risk 0.00cvss —epss 0.00
Incorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration information and potentially enable escalation of privileges.
- CVE-2024-1155Feb 20, 2024risk 0.00cvss —epss 0.00
Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-5136Nov 8, 2023risk 0.00cvss —epss 0.00
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.