8.5

CVE-2025-2632

Out of Bounds Write Vulnerability in NI LabVIEW reading CPU info from cache

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted VI.  This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NiLabview Version <= 2021
NiLabview Version2022 Updateq1
NiLabview Version2022 Updateq3
NiLabview Version2022 Updateq3_patch1
NiLabview Version2022 Updateq3_patch2
NiLabview Version2022 Updateq3_patch4
NiLabview Version2023 Updateq1
NiLabview Version2023 Updateq3
NiLabview Version2023 Updateq3_patch1
NiLabview Version2023 Updateq3_patch2
NiLabview Version2023 Updateq3_patch3
NiLabview Version2023 Updateq3_patch4
NiLabview Version2023 Updateq3_patch5
NiLabview Version2024 Updateq1
NiLabview Version2024 Updateq1_patch1
NiLabview Version2024 Updateq3
NiLabview Version2024 Updateq3_patch1
NiLabview Version2024 Updateq3_patch2
NiLabview Version2025 Updateq1
NiLabview Version2025 Updateq1_patch1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.07% 0.208
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security@ni.com 8.5 0 0
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
security@ni.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.