CVE-2025-64468

Опубликовано: 18 дек. 2025

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions

Ссылки

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/multiple-memory-corruption-vulnerabilities-in-ni-labview.html
Vendor Advisory
Mitigation

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ni:labview:2022:q1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2022:q3:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2022:q3_patch1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2022:q3_patch2:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2022:q3_patch4:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2022:q3_patch5:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2022:q3_patch6:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q3:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q3_patch1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q3_patch2:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q3_patch3:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q3_patch4:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q3_patch5:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q3_patch6:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2023:q3_patch7:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2024:-:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2024:q1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2024:q1_patch1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2024:q3:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2024:q3_patch1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2024:q3_patch2:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2024:q3_patch3:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2024:q3_patch4:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2025:q1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2025:q1_patch1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2025:q1_patch2:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2025:q1_patch3:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2025:q3:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2025:q3_patch1:*:*:*:*:*:*

cpe:2.3:a:ni:labview:2025:q3_patch2:*:*:*:*:*:*

EPSS

Процентиль: 4%

0.00018

Низкий

7.8 High

CVSS3

Дефекты

CWE-416

Связанные уязвимости

GHSA-x9f9-2ggr-mmjg