Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-23612

Summary
Assigner-NI
Assigner Org ID-bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4
Published At-11 Mar, 2024 | 15:19
Updated At-10 Oct, 2024 | 20:30
Rejected At-
Credits

Improper Error Handling Issue in LabVIEW

An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:NI
Assigner Org ID:bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4
Published At:11 Mar, 2024 | 15:19
Updated At:10 Oct, 2024 | 20:30
Rejected At:
▼CVE Numbering Authority (CNA)
Improper Error Handling Issue in LabVIEW

An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Affected Products
Vendor
NI
Product
LabVIEW
Platforms
  • Windows
  • Linux
Default Status
unaffected
Versions
Affected
  • From 0 through 2024 Q1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-1285CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input
Type: CWE
CWE ID: CWE-1285
Description: CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-23CAPEC-23 File Content Injection
CAPEC ID: CAPEC-23
Description: CAPEC-23 File Content Injection
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-error-handling-issues-in-labview.html
N/A
Hyperlink: https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-error-handling-issues-in-labview.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-error-handling-issues-in-labview.html
x_transferred
Hyperlink: https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-error-handling-issues-in-labview.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
ni
Product
labview
CPEs
  • cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 2024_q1 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@ni.com
Published At:11 Mar, 2024 | 16:15
Updated At:10 Oct, 2024 | 21:15

An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-1285Secondarysecurity@ni.com
CWE ID: CWE-1285
Type: Secondary
Source: security@ni.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-error-handling-issues-in-labview.htmlsecurity@ni.com
N/A
Hyperlink: https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-error-handling-issues-in-labview.html
Source: security@ni.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

20Records found
CVE-2024-23609
Matching Score-10
Assigner-National Instruments
ShareView Details
Matching Score-10
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.48%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 15:17
Updated-16 Apr, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Error Handling Issue in LabVIEW

An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Action-Not Available
Vendor-NIni
Product-LabVIEWlabview
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CVE-2021-42563
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.49%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 20:48
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.

Action-Not Available
Vendor-nin/aMicrosoft Corporation
Product-windowsni_service_locatorn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-38304
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.62%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 15:51
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the National Instruments NI-PAL driver in versions 20.0.0 and prior may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-nin/a
Product-ni-paln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-23608
Matching Score-8
Assigner-National Instruments
ShareView Details
Matching Score-8
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-1.44% / 79.92%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 15:10
Updated-22 Aug, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds Write Due to Missing Bounds Check in LabVIEW

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Action-Not Available
Vendor-NIni
Product-LabVIEWlabview
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-23611
Matching Score-8
Assigner-National Instruments
ShareView Details
Matching Score-8
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-1.07% / 76.78%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 15:14
Updated-27 Feb, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds Write Due to Missing Bounds Check in LabVIEW

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Action-Not Available
Vendor-niNIni
Product-labviewLabVIEWlabview
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-1155
Matching Score-8
Assigner-National Instruments
ShareView Details
Matching Score-8
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.80%
||
7 Day CHG~0.00%
Published-20 Feb, 2024 | 14:34
Updated-12 Feb, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect permissions for shared NI SystemLink Elixir based services

Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-emersonNI
Product-specification_compliance_managerflexloggersystemlink_serverlabview_nxgg_web_development_softwarestatic_test_software_suitedata_record_adsts_software_bundleSystemLink ServerFlexLogger
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-1156
Matching Score-8
Assigner-National Instruments
ShareView Details
Matching Score-8
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.42%
||
7 Day CHG~0.00%
Published-20 Feb, 2024 | 14:37
Updated-12 Feb, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration information and potentially enable escalation of privileges.

Action-Not Available
Vendor-emersonNIni
Product-specification_compliance_managerflexloggersystemlink_serverlabview_nxgg_web_development_softwarestatic_test_software_suitedata_record_adsts_software_bundleSystemLink ServerFlexLoggersystemlinkflexlogger
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-4044
Matching Score-8
Assigner-National Instruments
ShareView Details
Matching Score-8
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-17.52% / 94.82%
||
7 Day CHG~0.00%
Published-10 May, 2024 | 14:59
Updated-01 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deserialization of Untrusted Data Vulnerability in FlexLogger and InstrumentStudio

A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects NI FlexLogger 2024 Q1 and prior versions as well as NI InstrumentStudio 2024 Q1 and prior versions.

Action-Not Available
Vendor-NIni
Product-FlexLoggerInstrumentStudioinstrumentstudioflexlogger
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-23610
Matching Score-8
Assigner-National Instruments
ShareView Details
Matching Score-8
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-1.44% / 79.92%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 15:12
Updated-27 Feb, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds Write Due to Missing Bounds Check in LabVIEW

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

Action-Not Available
Vendor-niNIni
Product-labviewLabVIEWlabview
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-42718
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.89%
||
7 Day CHG+0.01%
Published-01 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-nin/a
Product-labview_command_line_interfacen/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-35415
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.09%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 02:21
Updated-03 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-nin/a
Product-configuration_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-6675
Matching Score-8
Assigner-National Instruments
ShareView Details
Matching Score-8
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-0.61% / 68.66%
||
7 Day CHG~0.00%
Published-22 Jul, 2024 | 20:01
Updated-01 Aug, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deserialization of Untrusted Data Vulnerability in NI VeriStand Project File

A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects VeriStand 2024 Q2 and prior versions.

Action-Not Available
Vendor-NIni
Product-VeriStandveristand
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-6121
Matching Score-8
Assigner-National Instruments
ShareView Details
Matching Score-8
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.96%
||
7 Day CHG~0.00%
Published-22 Jul, 2024 | 19:46
Updated-12 Sep, 2024 | 21:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NI SystemLink Server Ships Out of Date Redis Version

An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service.

Action-Not Available
Vendor-niNI
Product-systemlinkflexloggerSystemLink ServerFlexLogger
CWE ID-CWE-1395
Dependency on Vulnerable Third-Party Component
CVE-2024-10496
Matching Score-6
Assigner-National Instruments
ShareView Details
Matching Score-6
Assigner-National Instruments
CVSS Score-8.4||HIGH
EPSS-0.04% / 9.46%
||
7 Day CHG-0.00%
Published-10 Dec, 2024 | 15:55
Updated-04 Mar, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of bounds read in BuildFontMap in fontmgr.cpp in NI LabVIEW

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CVE-2024-10495
Matching Score-6
Assigner-National Instruments
ShareView Details
Matching Score-6
Assigner-National Instruments
CVSS Score-8.4||HIGH
EPSS-0.04% / 9.46%
||
7 Day CHG-0.00%
Published-10 Dec, 2024 | 15:52
Updated-04 Mar, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of bounds read when loading the font table in fontmgr.cpp in NI LabVIEW

An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CVE-2025-2634
Matching Score-6
Assigner-National Instruments
ShareView Details
Matching Score-6
Assigner-National Instruments
CVSS Score-7.3||HIGH
EPSS-0.04% / 9.54%
||
7 Day CHG~0.00%
Published-23 Jul, 2025 | 15:53
Updated-19 Aug, 2025 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds Read Vulnerability in NI LabVIEW when building font map

Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CVE-2025-7849
Matching Score-6
Assigner-National Instruments
ShareView Details
Matching Score-6
Assigner-National Instruments
CVSS Score-8.5||HIGH
EPSS-0.05% / 13.33%
||
7 Day CHG~0.00%
Published-29 Jul, 2025 | 21:27
Updated-19 Aug, 2025 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory Corruption Issue in NI LabVIEW due to improper error handling

A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CVE-2025-7848
Matching Score-6
Assigner-National Instruments
ShareView Details
Matching Score-6
Assigner-National Instruments
CVSS Score-8.5||HIGH
EPSS-0.05% / 13.33%
||
7 Day CHG~0.00%
Published-29 Jul, 2025 | 21:24
Updated-19 Aug, 2025 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing input check in lvpict.cpp used in NI LabVIEW

A memory corruption vulnerability due to improper input validation in lvpict.cpp exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CVE-2024-10494
Matching Score-6
Assigner-National Instruments
ShareView Details
Matching Score-6
Assigner-National Instruments
CVSS Score-8.4||HIGH
EPSS-0.04% / 9.46%
||
7 Day CHG-0.00%
Published-10 Dec, 2024 | 15:49
Updated-04 Mar, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of bounds read in HeapObjMapImpl.cpp in NI LabVIEW

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CVE-2025-2633
Matching Score-6
Assigner-National Instruments
ShareView Details
Matching Score-6
Assigner-National Instruments
CVSS Score-7.3||HIGH
EPSS-0.04% / 9.54%
||
7 Day CHG~0.00%
Published-23 Jul, 2025 | 15:49
Updated-19 Aug, 2025 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds Read Vulnerability in NI LabVIEW when loading fonts

Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
Details not found