National Instruments LabView

Monitor7.8ICS-CERT ICSA-25-352-03Dec 18, 2025

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

National Instruments LabVIEW contains multiple memory safety vulnerabilities (buffer overflow, buffer over-read, use-after-free, stack-based buffer overflow) that could allow an attacker to disclose information and execute arbitrary code on a machine running LabVIEW. The vulnerabilities affect LabVIEW 2021 through 2025_Q3.

What this means

What could happen

An attacker with local access to a machine running LabVIEW could execute arbitrary code or access sensitive data, potentially compromising the integrity of control logic, test systems, or data acquisition platforms that depend on LabVIEW for operation.

Who's at risk

Development and engineering teams using National Instruments LabVIEW for control system development, data acquisition, and testing. This includes teams at utilities, manufacturing plants, and research facilities that use LabVIEW to develop or run test automation or process monitoring applications. Both standalone developer machines and shared engineering workstations are at risk.

How it could be exploited

An attacker requires local access to the machine running LabVIEW and would likely need to trigger the vulnerability through a malicious project file, script, or user interaction that causes LabVIEW to process specially crafted input that exploits one of the memory safety flaws. Code execution would occur in the context of the LabVIEW process.

Prerequisites

Local access to the machine running LabVIEW
User interaction required (opening a project or file, or running code)
LabVIEW application must be running

Local access requiredUser interaction requiredMemory safety vulnerabilities enable code executionAffects multiple versions across several years of releasesLabVIEW 2021 out of mainstream support

Exploitability

Low exploit probability (EPSS 0.0%)

Affected products (5)

5 pending

ProductAffected VersionsFix Status

LabVIEW: <=2025_Q3≤ 2025 Q3No fix yet

LabVIEW: 20242024No fix yet

LabVIEW: 20232023No fix yet

LabVIEW: 20222022No fix yet

LabVIEW: 20212021No fix yet

Remediation & Mitigation

0/7

Do now

0/2

HARDENINGRestrict local access to machines running LabVIEW to trusted users only and disable untrusted network shares or file sources

WORKAROUNDDisable or restrict opening of LabVIEW projects from untrusted sources until patches are applied

Schedule — requires maintenance window

0/4

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade LabVIEW 2025 to Q3 Patch 3 or later via NI Package Manager or Software Downloads

HOTFIXUpgrade LabVIEW 2024 to Q3 Patch 5 or later via NI Package Manager or Software Downloads

HOTFIXUpgrade LabVIEW 2023 to Q3 Patch 8 or later via NI Package Manager or Software Downloads

HOTFIXUpgrade LabVIEW 2022 to Q3 Patch 7 or later via NI Package Manager or Software Downloads

Long-term hardening

0/1

HARDENINGLabVIEW 2021 is out of mainstream support; plan migration to a supported version

CVEs (9)

CVE-2025-64461 CVE-2025-64462 CVE-2025-64463 CVE-2025-64464 CVE-2025-64465 CVE-2025-64466 CVE-2025-64467 CVE-2025-64468 CVE-2025-64469

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/73a2302a-3539-4f17-9e3a-06c1493fe108