---
title: "Critical LabVIEW Vulnerabilities Allow Arbitrary Code Execution"
short_title: "LabVIEW flaws enable code execution risks"
description: "Nine high-severity vulnerabilities in National Instruments LabVIEW could let attackers execute arbitrary code or disclose sensitive data. Patch now to secure systems."
author: "Vitus"
date: 2025-01-24
categories: [Cybersecurity, Vulnerabilities]
tags: [labview, cve-2025, arbitrary-code-execution, ni, cybersecurity]
score: 0.85
cve_ids: [CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466, CVE-2025-64467, CVE-2025-64468, CVE-2025-64469]
---
TL;DR
Nine high-severity vulnerabilities in National Instruments (NI) LabVIEW could allow attackers to execute arbitrary code or disclose sensitive information. Exploitation requires tricking users into opening malicious VI files. Immediate patching is recommended for all affected versions to mitigate risks in critical infrastructure sectors.
---
Introduction
National Instruments (NI) LabVIEW, a widely used system-design platform, has been found vulnerable to nine high-severity security flaws that could enable attackers to execute arbitrary code or access sensitive data. These vulnerabilities, tracked under CVE-2025-64461 through CVE-2025-64469, affect multiple versions of LabVIEW and pose significant risks to organizations in critical manufacturing, defense, IT, and transportation sectors. Successful exploitation requires user interaction, such as opening a specially crafted VI file.
---
Key Points
- Nine high-severity vulnerabilities identified in NI LabVIEW, all with a CVSS score of 7.8.
- Vulnerabilities include out-of-bounds write/read, use-after-free, and stack-based buffer overflow flaws.
- Exploitation could lead to arbitrary code execution or information disclosure.
- Affected versions: LabVIEW 2021 through 2025 Q3.
- Patches available for LabVIEW 2022–2025; LabVIEW 2021 is no longer supported.
- Critical infrastructure sectors, including manufacturing, defense, and transportation, are at risk.
---
Technical Details
#### Vulnerability Breakdown
The vulnerabilities stem from improper handling of corrupted VI files in LabVIEW. Here’s a breakdown of the flaws:
| CVE ID | Type | Impact | CWE |
|------------------|------------------------------|--------------------------------------------|----------------------------------|
| CVE-2025-64461 | Out-of-bounds Write | Arbitrary code execution | CWE-787 |
| CVE-2025-64462 | Out-of-bounds Read | Information disclosure or code execution | CWE-125 |
| CVE-2025-64463 | Out-of-bounds Read | Information disclosure or code execution | CWE-125 |
| CVE-2025-64464 | Out-of-bounds Read | Information disclosure or code execution | CWE-125 |
| CVE-2025-64465 | Out-of-bounds Read | Information disclosure or code execution | CWE-125 |
| CVE-2025-64466 | Out-of-bounds Read | Information disclosure or code execution | CWE-125 |
| CVE-2025-64467 | Out-of-bounds Read | Information disclosure or code execution | CWE-125 |
| CVE-2025-64468 | Use After Free | Arbitrary code execution | CWE-416 |
| CVE-2025-64469 | Stack-based Buffer Overflow | Arbitrary code execution | CWE-121 |
#### Attack Vector
To exploit these vulnerabilities, an attacker must trick a user into opening a malicious VI file. This could be achieved through phishing emails, malicious downloads, or compromised file-sharing platforms. Once the file is opened, the attacker can execute arbitrary code or access sensitive information on the victim’s system.
#### Affected Systems
The following versions of LabVIEW are affected:
- LabVIEW 2021 (no longer supported)
- LabVIEW 2022 (upgrade to 2022 Q3 Patch 7 or later)
- LabVIEW 2023 (upgrade to 2023 Q3 Patch 8 or later)
- LabVIEW 2024 (upgrade to 2024 Q3 Patch 5 or later)
- LabVIEW 2025 Q3 (upgrade to 2025 Q3 Patch 3 or later)
---
Impact Assessment
The vulnerabilities pose a high risk to organizations relying on LabVIEW for critical operations. Successful exploitation could result in:
- Arbitrary code execution, allowing attackers to take control of affected systems.
- Information disclosure, leading to the exposure of sensitive data.
- Disruption of operations in critical infrastructure sectors, including manufacturing, defense, and transportation.
Given the global deployment of LabVIEW and its use in high-stakes industries, these vulnerabilities could have far-reaching consequences if left unpatched.
---
Mitigation Steps
National Instruments has released patches to address these vulnerabilities. Users are urged to:
1. Upgrade immediately to the latest patched versions:
   - LabVIEW 2025: 2025 Q3 Patch 3 or later.
   - LabVIEW 2024: 2024 Q3 Patch 5 or later.
   - LabVIEW 2023: 2023 Q3 Patch 8 or later.
   - LabVIEW 2022: 2022 Q3 Patch 7 or later.
2. LabVIEW 2021 users should migrate to a supported version, as no patches will be provided.
3. Follow best practices for cybersecurity:
   - Avoid opening VI files from untrusted sources.
   - Isolate LabVIEW systems from business networks.
   - Use VPNs for remote access and ensure they are up-to-date.
4. Refer to the [National Instruments security advisory](https://www.ni.com/security) for additional guidance.
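The following is an added example, not code from NI or from the advisory: a Python triage of an asset inventory against the minimum patched builds listed above. The inventory string format (`<year> Q<n> Patch <n>`, as the versions are written on this page), the host names and the status labels are assumptions.

```python
import re

# Minimum fixed build per release year as (quarter, patch), copied from the list above.
MIN_FIXED = {2022: (3, 7), 2023: (3, 8), 2024: (3, 5), 2025: (3, 3)}
UNSUPPORTED = {2021}  # affected, and no patch will be provided

# Assumed inventory format: "[LabVIEW] <year> [Q<n>] [Patch <n>]".
VERSION_RE = re.compile(
    r"^\s*(?:LabVIEW\s+)?(\d{4})(?:\s+Q([1-4]))?(?:\s+Patch\s+(\d+))?\s*$",
    re.IGNORECASE,
)

def triage(version):
    """Classify one version string (status labels are this example's own)."""
    m = VERSION_RE.match(version)
    if not m:
        return "unparsed"
    year = int(m.group(1))
    if year in UNSUPPORTED:
        return "unsupported"      # migrate to a supported release
    if year not in MIN_FIXED:
        return "not-listed"       # this page says nothing about the release
    if m.group(2) is None:
        return "review"           # quarter unknown, patch level cannot be confirmed
    build = (int(m.group(2)), int(m.group(3) or 0))
    # Tuple comparison is numeric, so "Patch 10" sorts after "Patch 7".
    return "patched" if build >= MIN_FIXED[year] else "upgrade"

def report(inventory):
    """Group host names by triage status."""
    grouped = {}
    for host, version in sorted(inventory.items()):
        grouped.setdefault(triage(version), []).append(host)
    return grouped

# Constructed sample inventory (host names and versions are made up).
SAMPLE = {
    "test-rig-01": "LabVIEW 2021",
    "test-rig-02": "2023 Q3 Patch 8",
    "daq-bench-07": "2024 Q3 Patch 4",
    "daq-bench-08": "2025 Q3",
    "lab-ws-11": "2022 Q3 Patch 10",
}

if __name__ == "__main__":
    for status, hosts in report(SAMPLE).items():
        print(f"{status}: {', '.join(hosts)}")
```
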
---
Conclusion
The discovery of nine high-severity vulnerabilities in NI LabVIEW underscores the importance of proactive patch management and user awareness in preventing cyberattacks. Organizations in critical infrastructure sectors must act swiftly to apply the available patches and mitigate the risks of arbitrary code execution and information disclosure. As LabVIEW is widely used in industrial and research environments, these vulnerabilities serve as a reminder of the need for robust cybersecurity practices in operational technology (OT) systems.