CVE-2025-64461Out-of-bounds Write in Labview

CWE-787Out-of-bounds Write4 documents4 sources
Severity
8.5HIGHNVD
EPSS
0.0%
top 91.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
NI Labview
Timeline
PublishedDec 18

Description

There is an out of bounds write vulnerability in NI LabVIEW in mgocre_SH_25_3!RevBL() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5ni/labview23.1.023.3.7+3
NVDni/labview4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-jg58-5fhh-77r6: There is an out of bounds write vulnerability in NI LabVIEW in mgocre_SH_25_3!RevBL() when parsing a corrupted VI file2025-12-18

📋Vendor Advisories

1
CISA ICS
National Instruments LabView2025-12-18

🕵️Threat Intelligence

1
Wiz
CVE-2025-64461 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-64461 — Out-of-bounds Write in NI Labview | cvebase