CVE-2025-2629

Name of the Vulnerable Software and Affected Versions: NI LabVIEW versions prior to 2025 Q1

Description: The issue is related to a DLL hijacking vulnerability due to an uncontrolled search path when loading NI Error Reporting, which may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path.

Recommendations: For versions prior to 2025 Q1, update to a version that includes the fix for this issue to prevent arbitrary code execution. As a temporary workaround, consider restricting access to the NI Error Reporting module to minimize the risk of exploitation.