CVE-2024-1155
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/02/2024
Last modified:
12/02/2025
Description
Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access. <br />
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:emerson:data_record_ad:*:*:*:*:*:*:*:* | 2.0.1 (including) | |
| cpe:2.3:a:emerson:flexlogger:*:*:*:*:*:*:*:* | 2022_q3 (including) | |
| cpe:2.3:a:emerson:g_web_development_software:*:*:*:*:*:*:*:* | 2022_q3 (including) | |
| cpe:2.3:a:emerson:labview_nxg:5.1:*:*:*:community:*:*:* | ||
| cpe:2.3:a:emerson:labview_nxg:5.1:*:*:*:real-time_module:*:*:* | ||
| cpe:2.3:a:emerson:labview_nxg:5.1:*:*:*:web_module:*:*:* | ||
| cpe:2.3:a:emerson:specification_compliance_manager:*:*:*:*:*:*:*:* | 2023_q4 (including) | |
| cpe:2.3:a:emerson:static_test_software_suite:*:*:*:*:*:*:*:* | 1.2 (including) | |
| cpe:2.3:a:emerson:sts_software_bundle:*:*:*:*:*:*:*:* | 21.0 (including) | |
| cpe:2.3:a:emerson:systemlink_server:*:*:*:*:*:*:*:* | 2024_q1 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/incorrect-permissions-for-shared-systemlink-elixir-based-service.html
- https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/incorrect-permissions-for-shared-systemlink-elixir-based-service.html