CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-105-01 Siemens Mendix Runtime ICSA-25-105-02 Siemens Industrial Edge Device Kit...

National Instruments LabVIEW

RISK EVALUATION Successful exploitation of these vulnerabilities lead to the execution of arbitrary code on affected installations of LabVIEW, which could result in invalid memory writes. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

CVE-2025-2631

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI...

CVE-2025-2632

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects ...

CVE-2025-2629

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path...

CVE-2025-2630

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI...

CVE-2025-2631

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI...

CVE-2025-2631

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI...

CVE-2025-2632

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects ...

CVE-2025-2632

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects ...

CVE-2025-2630

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI...

CVE-2025-2629

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path...

CVE-2025-2629

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path...

CVE-2025-2630

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI...

CVE-2025-2632 Out of Bounds Write Vulnerability in NI LabVIEW reading CPU info from cache

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects ...

CVE-2025-2632 Out of Bounds Write Vulnerability in NI LabVIEW reading CPU info from cache

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects ...

CVE-2025-2632

CVE-2025-2632 : NI LabVIEW (2025 Q1 and earlier) is affected by an out-of-bounds write caused by improper bounds checking when reading CPU information from cache. This can lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI. The ...

CVE-2025-2631 Out of Bounds Write Vulnerability in NI LabVIEW in InitCPUInformation()

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI...

CVE-2025-2631

NI LabVIEW up to 2025 Q1 is affected by an out-of-bounds write in InitCPUInformation() due to improper bounds checking. This can lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI (local vector, user interaction needed). Affecte...

CVE-2025-2631 Out of Bounds Write Vulnerability in NI LabVIEW in InitCPUInformation()

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI...