Summary
Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code.
The following versions of National Instruments LabView are affected:
- LabVIEW (CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466, CVE-2025-64467, CVE-2025-64468, CVE-2025-64469)
- LabVIEW (CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466, CVE-2025-64467, CVE-2025-64468, CVE-2025-64469)
- LabVIEW (CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466, CVE-2025-64467, CVE-2025-64468, CVE-2025-64469)
- LabVIEW (CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466, CVE-2025-64467, CVE-2025-64468, CVE-2025-64469)
- LabVIEW (CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466, CVE-2025-64467, CVE-2025-64468, CVE-2025-64469)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 7.8 | National Instruments | National Instruments LabView | Out-of-bounds Write, Out-of-bounds Read, Use After Free, Stack-based Buffer Overflow |
Background
- Critical Infrastructure Sectors: Critical Manufacturing, Defense Industrial Base, Information Technology, Transportation Systems
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: United States
Vulnerabilities
CVE-2025-64461
LabVIEW is vulnerable to an out-of-bounds write vulnerability when opening a corrupted VI, which may allow an attacker to execute arbitrary code. Successful exploitation requires an attacker to get a user to open a specially crafted VI file.
Read the original article: