CVE-2025-64467Out-of-bounds Read in Labview

CWE-125Out-of-bounds Read12 documents4 sources
Severity
8.5HIGHNVD
EPSS
0.0%
top 91.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
NI Labview
Timeline
PublishedDec 18

Description

There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5ni/labview23.1.023.3.7+3
NVDni/labview4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-prw5-7c44-7w86: There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file2025-12-18

📋Vendor Advisories

1
CISA ICS
National Instruments LabView2025-12-18

🕵️Threat Intelligence

9
Wiz
CVE-2025-64466 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-64467 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-64462 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-64463 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-64464 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-64467 — Out-of-bounds Read in NI Labview | cvebase