Out of Bounds Read Vulnerability in NI LabVIEW Software
CVE-2025-64465

8.5HIGH

Key Information:

Vendor: Ni
Status: Labview
Vendor: CVE Published:; 18 December 2025

What is CVE-2025-64465?

An out of bounds read vulnerability exists in NI LabVIEW when the software attempts to parse a corrupted VI file within the lvre!DataSizeTDR() function. This flaw can be exploited to lead to information disclosure or potential arbitrary code execution. Attackers need to lure a user into opening a specially crafted VI file to successfully exploit this vulnerability. Both NI LabVIEW 2025 Q3 (25.3) and earlier versions are susceptible to this issue.

Affected Version(s)

LabVIEW 0 <= 22.3.6

LabVIEW 23.1.0 <= 23.3.7

LabVIEW 24.1.0 <= 24.3.4

References

https://www.ni.com/en/support/security/available-critical...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 18, 2025
Vulnerability Reserved
Nov 4, 2025

Credit

Michael Heinzl working with CISA

JSON

Ni

What is CVE-2025-64465?

Affected Version(s)

References

CVSS V4

Timeline

Credit