Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-7849

A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Published

2025-07-29T22:15:26.030

Last Modified

2025-08-19T15:43:11.880

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-1285

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ni	labview	≤ 2021	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2022	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2023	Yes
Application	ni	labview	2024	Yes
Application	ni	labview	2024	Yes
Application	ni	labview	2024	Yes
Application	ni	labview	2024	Yes
Application	ni	labview	2024	Yes
Application	ni	labview	2024	Yes
Application	ni	labview	2025	Yes
Application	ni	labview	2025	Yes
Application	ni	labview	2025	Yes

References

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-ni-labview.html Vendor Advisory ([email protected])