Code Injection Vulnerability in NI LabVIEW 32-bit Software
CVE-2025-7361

8.5HIGH

Key Information:

Vendor: Ni
Status: Labview
Vendor: CVE Published:; 29 July 2025

What is CVE-2025-7361?

A vulnerability in NI LabVIEW allows for code injection due to an improper initialization check. An attacker can exploit this by persuading a user to open a specially crafted Virtual Instrument (VI) utilizing a Code Interface Node (CIN). This vulnerability affects only the 32-bit versions of NI LabVIEW 2025 Q1 and earlier. 64-bit versions are unaffected as they do not support CIN nodes, making them immune to this specific attack vector.

Affected Version(s)

LabVIEW Windows 0 <= 22.3.5

LabVIEW Windows 23.0.0 <= 23.3.6

LabVIEW Windows 24.0.0 <= 24.3.3

References

https://www.ni.com/en/support/security/available-critical...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2025
Vulnerability Reserved
Jul 8, 2025

Ni

What is CVE-2025-7361?

Affected Version(s)

References

CVSS V4

Timeline