Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable gRPC service, low-complexity unknown-value trigger, no auth or user interaction, scope unchanged, impact limited to availability (process crash) with no confidentiality or integrity loss.
Primary rating from Vendor (NI).
CVSS Vector (Vendor: NI)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (CVE.org)
There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash. Successful exploitation requires an attacker to provide an unknown value to the data moniker service. This affects NI grpc-device 2.17.0 and prior versions.
Analysis (AI)
Denial of service in NI grpc-device 2.17.0 and prior allows remote unauthenticated attackers to crash the data moniker service by submitting an unknown value that triggers a NULL pointer dereference. The flaw also impacts deployments embedding the server via NI InstrumentStudio. …
Vulnerability Assessment (AI)
| Exploitation | The attacker must have network reachability to the NI grpc-device server's gRPC listener and must send a request to the data moniker service containing a moniker value that is not registered on the target server; no authentication, user interaction, or non-default configuration is required, because grpc-device exposes the moniker service as part of its normal data-streaming API. … |
| Risk Assessment | Signals are largely consistent and point to a real but bounded availability risk. … |
| Exploit Scenario | An attacker with network access to the grpc-device gRPC port opens a connection to the data moniker service and issues a request referencing an arbitrary moniker name that has not been registered. The server dereferences a NULL lookup result and the process crashes, taking down all instrument control sessions multiplexed through that server; the attacker can repeat the request after each restart to sustain the outage. … |
| Remediation | Patch available per vendor advisory: upgrade NI grpc-device to the fixed release published in GHSA-7vg9-5c74-289x (https://github.com/ni/grpc-device/security/advisories/GHSA-7vg9-5c74-289x) and apply the corresponding NI InstrumentStudio update referenced in the NI security bulletin (https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/2026/multiple-vulnerabilities-in-ni-grpc-device-server.html); the specific patched version string is not enumerated in the provided data, so confirm the exact build from those advisories before deployment. … |
Recommended Action (AI)
Within 24 hours: Inventory all systems running NI grpc-device 2.17.0 and earlier to identify exposure and criticality. …
More in Grpc Device
Remote code execution in NI grpc-device 2.17.0 and earlier is possible when an attacker sends a specially crafted Monike
Unauthenticated network access to NI grpc-device 2.17.0 and earlier is possible when the server is deployed without TLS
Remote denial of service in NI grpc-device 2.17.0 and earlier allows unauthenticated network attackers to crash the stre
Denial of service in NI grpc-device 2.17.0 and earlier allows an authenticated remote attacker to crash or destabilize t
Silent integer truncation in NI grpc-device 2.17.0 and earlier allows unauthenticated network-accessible attackers to co
Memory exhaustion denial of service in NI grpc-device's BeginSidebandStream RPC endpoint allows authenticated network at
Same weakness CWE-476 – NULL Pointer Dereference
EUVD-2026-38027