Out of Bounds Read Vulnerability in NI LabVIEW when loading fonts

July 23, 2025 invoker category_cve

CVE Details

Basic Information

Title Out of Bounds Read Vulnerability in NI LabVIEW when loading fonts
Type cve
Published 2025-07-23T15:49:06.836Z
Modified 2025-07-23T15:49:06.836Z

Product Information

Vendor NI
Product LabVIEW
Version 0

CVSS Information

Base Score 7.8 (HIGH)
Attack Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

  • NI LabVIEW 0
  • NI LabVIEW 23.0.0
  • NI LabVIEW 24.0.0
  • NI LabVIEW 25.0.0

Additional Information

CWE List CWE-1285
Source NI

Description

Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.