Login Sign Up

CVE-2025-64465

7.8 HIGH

📋 TL;DR

This vulnerability allows attackers to read memory outside intended boundaries when a user opens a specially crafted VI file in NI LabVIEW. Successful exploitation could lead to information disclosure or arbitrary code execution. It affects NI LabVIEW 2025 Q3 (25.3) and all prior versions.

💻 Affected Systems

Products:
  • NI LabVIEW
Versions: 2025 Q3 (25.3) and all prior versions
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All LabVIEW installations with affected versions are vulnerable by default when parsing VI files.

📦 What is this software?

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

Labview by Ni

View all CVEs affecting Labview →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Arbitrary code execution with the privileges of the LabVIEW user, potentially leading to full system compromise.

🟠

Likely Case

Information disclosure through memory leaks, potentially exposing sensitive data or system information.

🟢

If Mitigated

Limited impact if users only open trusted VI files and have proper file validation controls.

🌐 Internet-Facing: LOW - Requires user interaction to open malicious files, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Internal users could be tricked into opening malicious VI files via phishing or shared drives.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires social engineering to get user to open malicious VI file. No public exploit code known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: NI LabVIEW 2025 Q4 or later

Vendor Advisory: https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/multiple-memory-corruption-vulnerabilities-in-ni-labview.html

Restart Required: Yes

Instructions:

1. Download and install NI LabVIEW 2025 Q4 or later from NI website. 2. Restart the system. 3. Verify installation by checking version in LabVIEW Help menu.

🔧 Temporary Workarounds

Restrict VI file execution

all

Configure system to only allow execution of VI files from trusted sources using application whitelisting.

User awareness training

all

Train users to only open VI files from trusted sources and verify file integrity before opening.

🧯 If You Can't Patch

  • Implement strict file validation policies to only allow trusted VI files
  • Use application sandboxing or virtualization for LabVIEW execution

🔍 How to Verify

Check if Vulnerable:

Check LabVIEW version in Help > About LabVIEW menu. If version is 2025 Q3 (25.3) or earlier, system is vulnerable.

Check Version:

On Windows: reg query "HKLM\SOFTWARE\National Instruments\LabVIEW\CurrentVersion" /v Version

Verify Fix Applied:

Verify LabVIEW version is 2025 Q4 or later in Help > About LabVIEW menu.

📡 Detection & Monitoring

Log Indicators:

  • LabVIEW crash logs with memory access violations
  • Unexpected LabVIEW process termination

Network Indicators:

  • Unusual file downloads to LabVIEW systems
  • Suspicious email attachments with .vi extension

SIEM Query:

source="labview.log" AND ("access violation" OR "out of bounds" OR "memory corruption")

📊 Metadata

CVE ID: CVE-2025-64465
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-125
EPSS Score: 0.02% exploit probability (3.8th percentile)
Published: December 18, 2025
Last Updated: December 24, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-64465, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)