CVE-2025-2629

HIGH Year: 2025
CVSS v3 Score
7.3
High
Weakness Type
CWE-427
View all →

Vulnerability Description

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Related Vulnerabilities

CVE-2015-1014

HIGH
CVSS:7.3(High)

A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expe...

CWE-4272015

CVE-2017-4987

HIGH
CVSS:7.3(High)

In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potenti...

CWE-4272017

CVE-2018-11049

HIGH
CVSS:7.3(High)

RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unin...

CWE-4272018

CVE-2019-16407

HIGH
CVSS:7.3(High)

JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.

CWE-4272019

CVE-2019-19954

HIGH
CVSS:7.3(High)

Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file.

CWE-4272019

CVE-2019-3613

HIGH
CVSS:7.3(High)

DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.

CWE-4272019