Description
There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash. Successful exploitation requires an attacker to provide an unknown value to the data moniker service. This affects NI grpc-device 2.17.0 and prior versions.
Problem types
CWE-476 NULL pointer dereference
Product status
Any version
Any version
Credits
Sebastián Alba Vives (@Sebasteuo / 0xS4bb1)
References
www.ni.com/...-vulnerabilities-in-ni-grpc-device-server.html
github.com/...device/security/advisories/GHSA-7vg9-5c74-289x