CVE-2025-7361Code Injection in Labview

CWE-94Code Injection2 documents2 sources
Severity
8.5HIGHNVD
EPSS
0.0%
top 91.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
NI Labview
Timeline
PublishedJul 29
Latest updateJul 30

Description

A code injection vulnerability due to an improper initialization check exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI using a CIN node. This vulnerability affects 32-bit NI LabVIEW 2025 Q1 and prior versions. LabVIEW 64-bit versions do not support CIN nodes and are not affected.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5ni/labview25.0.025.3.0+2
NVDni/labview2021+4

🔴Vulnerability Details

1
GHSA
GHSA-2hq5-j2j6-vrv6: A code injection vulnerability due to an improper initialization check exists in NI LabVIEW that may result in arbitrary code execution2025-07-30
CVE-2025-7361 — Code Injection in NI Labview | cvebase