Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable gRPC API, no auth or interaction per description; untrusted pointer dereference leading to RCE implies full C/I/A impact on the service host.
Primary rating from Vendor (NI).
Description (source: CVE.org)
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially crafted Moniker protobuf message. This affects NI grpc-device 2.17.0 and prior versions.
Analysis (AI)
Remote code execution in NI grpc-device 2.17.0 and earlier is possible when an attacker sends a specially crafted Moniker protobuf message to the sideband streaming API, triggering an untrusted pointer dereference (CWE-822). The flaw is reachable without authentication or user interaction over the network, yielding a CVSS 4.0 base score of 9.3. …
Attack Chain (AI-derived): hypothetical attack flow derived from CVE metadata.
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires that the NI grpc-device server (version 2.17.0 or earlier) be running and that its gRPC sideband streaming API be reachable from the attacker's network position; the attacker must be able to send a specially crafted Moniker protobuf message to that endpoint. … |
| Risk Assessment | Multiple signals point to this being a real priority for any environment exposing grpc-device: the CVSS 4.0 vector AV:N/AC:L/AT:N/PR:N/UI:N with VC:H/VI:H gives a 9.3 base score, meaning network-reachable, no authentication, no user interaction, and high confidentiality and integrity impact (availability is scored N, likely because the primary outcome is memory corruption leading to code execution rather than a guaranteed crash). … |
| Exploit Scenario | An attacker with network reachability to a measurement workstation running NI grpc-device 2.17.0 connects to the gRPC sideband streaming endpoint and sends a crafted Moniker protobuf message whose internal identifier fields encode an attacker-chosen pointer value. The server deserializes the message and dereferences the supplied pointer without validation, enabling memory corruption that is shaped into arbitrary code execution in the context of the grpc-device service. … |
| Remediation | A patch is available per the vendor advisory: upgrade NI grpc-device to a version newer than 2.17.0 as directed by the NI security bulletin at https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/2026/multiple-vulnerabilities-in-ni-grpc-device-server.html and the upstream GitHub advisory GHSA-ww59-ghm9-mm63 at https://github.com/ni/grpc-device/security/advisories/GHSA-ww59-ghm9-mm63; take the exact fixed version from those advisories. … |
Recommended Action (AI)
24 hours: Inventory all systems running NI grpc-device 2.17.0 or earlier; immediately isolate affected devices from untrusted networks and disable internet-facing access to the sideband API. …
Weakness: CWE-822 – Untrusted Pointer Dereference
EUVD identifier: EUVD-2026-38012