CVE-2025-2629
HIGHNI LabVIEW <2025 Q1 - RCE
Title source: llmDescription
There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
Scores
CVSS v3
7.3
EPSS
0.0006
EPSS Percentile
18.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Classification
CWE
CWE-427
Status
published
Affected Products (20)
ni/labview
< 2021
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
ni/labview
... and 5 more
Timeline
Published
Apr 09, 2025
Tracked Since
Feb 18, 2026