CVE-2025-2629— DLL Hijacking Vulnerability in NI LabVIEW When Loading NI Error Reporting

DLL Hijacking Vulnerability in NI LabVIEW When Loading NI Error Reporting

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

对搜索路径元素未加控制

NI LabVIEW（National Instruments LabVIEW） 安全漏洞

NI LabVIEW（National Instruments LabVIEW）是美国国家仪器（NI）公司的一个图形化程序编译平台。 NI LabVIEW（National Instruments LabVIEW） 2025 Q1及之前版本存在安全漏洞，该漏洞源于搜索路径不受控制，可能导致执行任意代码。

N/A

N/A