8.5

CVE-2025-2632

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted VI.  This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Data is provided by the National Vulnerability Database (NVD)
NiLabview Version <= 2021
NiLabview Version2022 Updateq1
NiLabview Version2022 Updateq3
NiLabview Version2022 Updateq3_patch1
NiLabview Version2022 Updateq3_patch2
NiLabview Version2022 Updateq3_patch4
NiLabview Version2023 Updateq1
NiLabview Version2023 Updateq3
NiLabview Version2023 Updateq3_patch1
NiLabview Version2023 Updateq3_patch2
NiLabview Version2023 Updateq3_patch3
NiLabview Version2023 Updateq3_patch4
NiLabview Version2023 Updateq3_patch5
NiLabview Version2024 Updateq1
NiLabview Version2024 Updateq1_patch1
NiLabview Version2024 Updateq3
NiLabview Version2024 Updateq3_patch1
NiLabview Version2024 Updateq3_patch2
NiLabview Version2025 Updateq1
NiLabview Version2025 Updateq1_patch1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.024
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
security@ni.com 8.5 0 0
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
security@ni.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.