CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-2632 – Out of Bounds Write Vulnerability in NI LabVIEW reading CPU info from cache
https://notcve.org/view.php?id=CVE-2025-2632
09 Apr 2025 — Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-write-vulnerabilities-in-ni-labview.html • CWE-787: Out-of-bounds Write •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-2631 – Out of Bounds Write Vulnerability in NI LabVIEW in InitCPUInformation()
https://notcve.org/view.php?id=CVE-2025-2631
09 Apr 2025 — Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation() that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-write-vulnerabilities-in-ni-labview.html • CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2025-2630 – DLL Hijacking Vulnerability in NI LabVIEW
https://notcve.org/view.php?id=CVE-2025-2630
09 Apr 2025 — There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/dll-hijacking-vulnerability-in-ni-labview.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2025-2629 – DLL Hijacking Vulnerability in NI LabVIEW When Loading NI Error Reporting
https://notcve.org/view.php?id=CVE-2025-2629
09 Apr 2025 — There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/dll-hijacking-vulnerability-in-ni-labview-when-loading-ni-error-reporting.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10496 – Out of bounds read in BuildFontMap in fontmgr.cpp in NI LabVIEW
https://notcve.org/view.php?id=CVE-2024-10496
10 Dec 2024 — An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview-.html • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2013-5022
https://notcve.org/view.php?id=CVE-2013-5022
06 Aug 2013 — Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value. Una vulnerabilidad de salto de ruta (path) en el control de 3D Graph ActiveX en el archivo cw3dgrph.ocx ... • http://digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2013-5023
https://notcve.org/view.php?id=CVE-2013-5023
06 Aug 2013 — The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files. Vulnerabilidad sin especificar en un control ActiveX en el componente HelpAsst en NI Help Links in National Instruments LabWindows/CVI, LabVIEW, y otros productos, tiene un impacto desconocido y vectores de ataque remotos. • http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-5021 – ABB DataManager National Instruments Multiple ActiveX Controls cwui.ocx ExportStyle() Method Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-5021
11 Jun 2013 — Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and earlier, the Data Analysis component in ABB DataManager 1 through 6.3.6, and other products allow remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method in the (1) CWNumEdit, (2) CWGraph, (3) CWBoolean, (4) CWSlide, or (5) CWKnob ActiveX control, in conjunc... • http://digital.ni.com/public.nsf/allkb/04B876608790082C86257BD1000CC950?OpenDocument • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •