Executive Summary

CVE-2026-8035 is a vulnerability in the NI-PAL kernel driver versions 26.3.0 and earlier on Windows, Linux, and Linux Real-Time systems. It is caused by improper input validation that allows a local authenticated user to trigger a crash by causing a NULL pointer dereference.

This means that an attacker with local access and valid credentials can cause the affected system to become unstable or stop functioning properly by exploiting this flaw.

Useful 0 Not Useful 0

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS). A local authenticated user can exploit the improper input validation to crash the NI-PAL kernel driver, causing the system or affected software to stop working.

This can lead to system instability, interruption of services, and potential downtime, affecting productivity and reliability of systems using the vulnerable NI-PAL software.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate CVE-2026-8035, it is strongly recommended to upgrade the affected NI-PAL software to a fixed version.

• For Windows systems, install NI-VISA 2026 Q2 Patch 1 (version 26.3.1) or later via NI Package Manager, Software Downloads, or NI Update Service.
• For Linux Desktop users, upgrade to NI Linux Device Drivers 2026 Q2 or later.
• For Linux Real-Time users, install NI Linux RT System Image 2026 Q2 or later.

Useful 0 Not Useful 0

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0