CVE-2025-64469— Stack-based Buffer Overflow in LVResource::DetachResource() in NI LabVIEW
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-64469
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stack-based Buffer Overflow in LVResource::DetachResource() in NI LabVIEW
Source: NVD (National Vulnerability Database)
Vulnerability Description
There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Vulnerability Title
NI LabVIEW 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NI LabVIEW(National Instruments LabVIEW)是美国国家仪器(NI)公司的一个图形化程序编译平台。 NI LabVIEW 2025 Q3版本及之前版本存在安全漏洞,该漏洞源于解析损坏VI文件时存在栈缓冲区溢出,可能导致信息泄露或执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-64469
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-64469
请登录查看更多情报信息。
Same Patch Batch · NI · 2025-12-18 · 9 CVEs total
| CVE-2025-64461 | 7.8 HIGH | Out of Bounds Write in mgocre_SH_25_3!RevBL() in NI LabVIEW |
| CVE-2025-64465 | 7.8 HIGH | Out-of-Bounds Read in lvre!DataSizeTDR() in NI LabVIEW |
| CVE-2025-64463 | 7.8 HIGH | Out-of-Bounds Read in LVResource::DetachResource() in NI LabVIEW |
| CVE-2025-64462 | 7.8 HIGH | Out-of-Bounds Read in LVResFile::RGetMemFileHandle() in NI LabVIEW |
| CVE-2025-64464 | 7.8 HIGH | Out-of-Bounds Read in lvre!VisaWriteFromFile() in NI LabVIEW |
| CVE-2025-64467 | 7.8 HIGH | Out-of-Bounds Read in LVResFile::FindRsrcListEntry() in NI LabVIEW |
| CVE-2025-64466 | 7.8 HIGH | Out-of-Bounds Read in lvre!ExecPostedProcRecPost() in NI LabVIEW |
| CVE-2025-64468 | 7.8 HIGH | Use-after-Free in sentry!sentry_span_set_data() in NI LabVIEW |
IV. Related Vulnerabilities
Same product: LabVIEW
- CVE-2026-32864
Out-of-Bounds Read in mgcore_SH_25_3!aligned_free() - CVE-2026-32863
Out-of-Bounds Read in sentry_transaction_context_set_operati - CVE-2026-32862
Out-of-Bounds Write in ResFileFactory::InitResourceMgr() - CVE-2026-32861
Out-of-Bounds Write Vulnerability in NI LabVIEW when loading - CVE-2026-32860
Out-of-Bounds Write Vulnerability in NI LabVIEW when loading
Same vendor: NI
- CVE-2026-32864
Out-of-Bounds Read in mgcore_SH_25_3!aligned_free() - CVE-2026-32863
Out-of-Bounds Read in sentry_transaction_context_set_operati - CVE-2026-32862
Out-of-Bounds Write in ResFileFactory::InitResourceMgr() - CVE-2026-32861
Out-of-Bounds Write Vulnerability in NI LabVIEW when loading - CVE-2026-32860
Out-of-Bounds Write Vulnerability in NI LabVIEW when loading
Same weakness: CWE-121
- CVE-2026-8258
Squirrel sqstdstring.cpp validate_format stack-based overflo - CVE-2026-8234
EFM ipTIME A8004T WifiBasicSet formWifiBasicSet stack-based - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-41509
Integer underflow in crypto_sign_open() leads to buffer over - CVE-2026-8138
Tenda CX12L SetPptpServerCfg” formSetPPTPServer stack-based
V. Comments for CVE-2025-64469
No comments yet