Primary

Context

NI G Web Development Software Deserialization Vulnerability Leading to Arbitrary Code Execution

Vulnerability

Patched

A deserialization of untrusted data vulnerability has been identified in NI G Web Development Software, specifically in versions through 2022 Q3. This vulnerability may allow arbitrary code execution. Exploitation requires an attacker to persuade a user to open a specially crafted project file.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected system.

Remediation

Users are advised to upgrade to NI G Web Development Software 2022 Q3 Patch 2 or later. The update can be obtained through the NI Package Manager or the NI Software Downloads page.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

10.0

exploitability

5.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

10.0

exploitability

5.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NI G Web Development Software Deserialization Vulnerability Leading to Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

NI G Web Development Software

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating