CVE-2025-7849

High CVSS: 8.5

A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Vendor

Product

Labview

CWE

CWE-1285

Yayın Tarihi

2025-07-29 22:15:26

Güncelleme

2025-08-19 15:43:11

Source Identifier

security@ni.com

KEV Date Added

Kategoriler

CWE-1285 Labview HIGH Ni 2025

Referanslar

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-ni-labview.html

Benzer Kayıtlar

High

CVE-2026-0954

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted DSB file in Digilent D…

High

CVE-2026-0955

There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLa…

High

CVE-2026-0956

There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLa…

High

CVE-2026-0957

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYL…

High

CVE-2025-64468

There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnera…

High

CVE-2025-64469

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corr…