ByteOS Network

CVE Vulnerability Details :

CVE-2025-7361

PUBLISHED

More Info Official Page

Assigner-NI

Assigner Org ID-bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4

Published At-29 Jul, 2025 | 21:19

Updated At-02 Aug, 2025 | 03:55

▼CVE Numbering Authority (CNA)

Code Injection Vulnerability in NI LabVIEW when using CIN nodes

A code injection vulnerability due to an improper initialization check exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI using a CIN node. This vulnerability affects 32-bit NI LabVIEW 2025 Q1 and prior versions. LabVIEW 64-bit versions do not support CIN nodes and are not affected.

Affected Products

Vendor

Product

LabVIEW

Platforms

Windows
32 bit

Default Status

unaffected

Versions

Affected

From 0 through 22.3.5 (semver)
From 23.0.0 through 23.3.6 (semver)
From 24.0.0 through 24.3.3 (semver)
From 25.0.0 before 25.3.0 (semver)

Problem Types

Type	CWE ID	Description
CWE	CWE-94	CWE-94 Improper Control of Generation of Code ('Code Injection')

Metrics

Version	Base score	Base severity	Vector
3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.0	8.5	HIGH	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Impacts

CAPEC ID	Description
CAPEC-242	CAPEC-242 Code Injection

References

Hyperlink	Resource
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/code-injection-vulnerability-in-ni-labview-using-cin-nodes.html	N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References