Out of Bounds Read Vulnerability in NI LabVIEW
CVE-2025-64462

8.5HIGH

Key Information:

Vendor: Ni
Status: Labview
Vendor: CVE Published:; 18 December 2025

What is CVE-2025-64462?

An out of bounds read vulnerability exists in NI LabVIEW within the LVResFile::RGetMemFileHandle() function when it attempts to parse a corrupted VI file. This flaw can potentially lead to sensitive information disclosure or enable remote arbitrary code execution. For successful exploitation, an attacker must trick a victim into opening a specifically crafted VI file. This vulnerability impacts NI LabVIEW 2025 Q3 (25.3) and earlier versions, highlighting a significant security concern for users of the software.

Affected Version(s)

LabVIEW 0 <= 22.3.6

LabVIEW 23.1.0 <= 23.3.7

LabVIEW 24.1.0 <= 24.3.4

References

https://www.ni.com/en/support/security/available-critical...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 18, 2025
Vulnerability Reserved
Nov 4, 2025

Credit

Michael Heinzl working with CISA

JSON

Ni

What is CVE-2025-64462?

Affected Version(s)

References

CVSS V4

Timeline

Credit