CVE-2025-12097
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-12097, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-04

Last updated on: 2025-12-08

Assigner: National Instruments

Description

There is a relative path traversal vulnerability in the NI System Web Server that may result in information disclosure.  Successful exploitation requires an attacker to send a specially crafted request to the NI System Web Server, allowing the attacker to read arbitrary files.  This vulnerability existed in the NI System Web Server 2012 and prior versions.  It was fixed in 2013.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-04
Last Modified
2025-12-08
Generated
2026-07-06
AI Q&A
2025-12-04
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 6 associated CPEs
Vendor Product Version / Range
national_instruments labview 2009
national_instruments ni_system_web_server 2012
national_instruments labview 2010
national_instruments labview 2013
national_instruments labview 2011
national_instruments labview 2012

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2025-12097 is a relative path traversal vulnerability in the NI System Web Server, which is part of several National Instruments products like LabVIEW. An attacker can exploit this by sending a specially crafted request to the web server, allowing them to read arbitrary files on the affected system without authorization. This vulnerability existed in versions from 2012 and earlier and was fixed in the 2013 release. [1]

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information by allowing an attacker to read arbitrary files on the affected system remotely. Since it requires no privileges or user interaction and has a high confidentiality impact, it poses a significant risk of exposing confidential data, which could be exploited for further attacks or data breaches. [1]

Detection Guidance

Detection involves identifying if the NI System Web Server version 2012 or earlier is running, as these versions are vulnerable. You can check the version of the NI System Web Server installed on your system. Additionally, monitoring network traffic for specially crafted HTTP requests attempting relative path traversal patterns (e.g., requests containing '../' sequences) targeting the NI System Web Server may help detect exploitation attempts. Specific commands depend on your environment, but for example, on a system running the server, you might use commands like 'netstat -an | grep :<port>' to identify listening services, and 'curl' or 'wget' to test for path traversal by sending crafted requests. However, no explicit detection commands are provided in the resources. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading the NI System Web Server and affected products such as LabVIEW to versions from 2013 onward, where the vulnerability is fixed. Additionally, implement defense-in-depth strategies by avoiding direct Internet exposure of vulnerable systems, placing them behind firewalls or other network controls, and using secure remote access methods like VPNs to limit unauthorized access. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12097. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart