PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-64466 National Instruments CVE debrief

CVE-2025-64466 is a high-severity LabVIEW vulnerability disclosed by CISA on 2025-12-18. The advisory says an out-of-bounds read in lvre!ExecPostedProcRecPost() can occur when a corrupted VI is opened. In the worst case, this may disclose information or allow arbitrary code execution. Successful exploitation requires a user to open a specially crafted VI file.

Vendor: National Instruments
Product: LabVIEW
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-12-18
Original CVE updated: 2025-12-18
Advisory published: 2025-12-18
Advisory updated: 2025-12-18

Who should care

Organizations that use National Instruments LabVIEW, especially teams that exchange, review, or open VI files from external or untrusted sources. Administrators responsible for LabVIEW patching should prioritize affected deployments.

Technical summary

The official advisory describes an out-of-bounds read in lvre!ExecPostedProcRecPost() triggered by opening a corrupted VI. The attack requires user interaction (a user must open a specially crafted VI file). CISA lists the issue with CVSS 3.1 vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H and score 7.8, indicating potential impact to confidentiality, integrity, and availability.

Defensive priority

High

Recommended defensive actions

  • Upgrade LabVIEW 2025 to LabVIEW 2025 Q3 Patch 3 or later using NI Package Manager or Software Downloads.
  • Upgrade LabVIEW 2024 to LabVIEW 2024 Q3 Patch 5 or later using NI Package Manager or Software Downloads.
  • Upgrade LabVIEW 2023 to LabVIEW 2023 Q3 Patch 8 or later using NI Package Manager or Software Downloads.
  • Upgrade LabVIEW 2022 to LabVIEW 2022 Q3 Patch 7 or later using NI Package Manager or Software Downloads.
  • If you still rely on LabVIEW 2021, note that it is not in mainstream support and work with NI on a supported remediation path.
  • Reduce exposure to untrusted VI files and treat any unexpected or corrupted VI as suspicious until patched systems are confirmed safe.

Evidence notes

Based on the supplied CISA CSAF advisory for National Instruments LabVIEW (ICSA-25-352-03) and the referenced official NI remediation guidance. The source states the vulnerability occurs when opening a corrupted VI and that exploitation requires user interaction. The advisory also provides version-specific fixes for LabVIEW 2025, 2024, 2023, and 2022, and notes LabVIEW 2021 is not in mainstream support.

Official resources

Publicly disclosed in CISA's ICS advisory and CSAF record on 2025-12-18. The supplied enrichment indicates this CVE is not listed in CISA KEV and has no ransomware campaign association in the provided data.