CVE-2025-12097
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-04

Last updated on: 2025-12-08

Assigner: National Instruments

Description
There is a relative path traversal vulnerability in the NI System Web Server that may result in information disclosure.  Successful exploitation requires an attacker to send a specially crafted request to the NI System Web Server, allowing the attacker to read arbitrary files.  This vulnerability existed in the NI System Web Server 2012 and prior versions.  It was fixed in 2013.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-04
Last Modified
2025-12-08
Generated
2026-06-16
AI Q&A
2025-12-04
EPSS Evaluated
2026-06-15
NVD
CVE-2025-12097
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
national_instruments labview 2009
national_instruments ni_system_web_server 2012
national_instruments labview 2010
national_instruments labview 2013
national_instruments labview 2011
national_instruments labview 2012
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-12097 is a relative path traversal vulnerability in the NI System Web Server, which is part of several National Instruments products like LabVIEW. An attacker can exploit this by sending a specially crafted request to the web server, allowing them to read arbitrary files on the affected system without authorization. This vulnerability existed in versions from 2012 and earlier and was fixed in the 2013 release. [1]

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information by allowing an attacker to read arbitrary files on the affected system remotely. Since it requires no privileges or user interaction and has a high confidentiality impact, it poses a significant risk of exposing confidential data, which could be exploited for further attacks or data breaches. [1]

Detection Guidance

Detection involves identifying if the NI System Web Server version 2012 or earlier is running, as these versions are vulnerable. You can check the version of the NI System Web Server installed on your system. Additionally, monitoring network traffic for specially crafted HTTP requests attempting relative path traversal patterns (e.g., requests containing '../' sequences) targeting the NI System Web Server may help detect exploitation attempts. Specific commands depend on your environment, but for example, on a system running the server, you might use commands like 'netstat -an | grep :<port>' to identify listening services, and 'curl' or 'wget' to test for path traversal by sending crafted requests. However, no explicit detection commands are provided in the resources. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading the NI System Web Server and affected products such as LabVIEW to versions from 2013 onward, where the vulnerability is fixed. Additionally, implement defense-in-depth strategies by avoiding direct Internet exposure of vulnerable systems, placing them behind firewalls or other network controls, and using secure remote access methods like VPNs to limit unauthorized access. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12097. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart