Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-64469

Опубликовано: 18 дек. 2025
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ni:labview:2022:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch4:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch5:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2022:q3_patch6:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch4:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch5:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch6:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch7:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:-:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q1_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch4:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q3_patch2:*:*:*:*:*:*

EPSS

Процентиль: 4%
0.00018
Низкий

7.8 High

CVSS3

Дефекты

CWE-121

Связанные уязвимости

github логотип

GHSA-q3mg-3x76-2jfw

CVSS3: 7.8
github
около 2 месяцев назад

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

EPSS

Процентиль: 4%
0.00018
Низкий

7.8 High

CVSS3

Дефекты

CWE-121