CVE-2025-64469Stack-based Buffer Overflow in Labview

CWE-121Stack-based Buffer Overflow12 documents4 sources
Severity
8.5HIGHNVD
EPSS
0.0%
top 91.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
NI Labview
Timeline
PublishedDec 18

Description

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5ni/labview23.1.023.3.7+3
NVDni/labview4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-q3mg-3x76-2jfw: There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file2025-12-18

📋Vendor Advisories

1
CISA ICS
National Instruments LabView2025-12-18

🕵️Threat Intelligence

9
Wiz
CVE-2025-64466 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-64467 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-64462 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-64463 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-64464 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-64469 — Stack-based Buffer Overflow in Labview | cvebase