← volver
CVE-2025-6034

Out of Bounds Read in DefaultFontOptions() in NI Circuit Design Suite

CVSS 8.5 HIGHEPSS 0.2%CWE-125
There is a memory corruption vulnerability due to an out of bounds read in DefaultFontOptions() when using SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.1 and prior versions.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
NI · Circuit Design Suite

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-input-validation-causes-memory-corruption-vulnerabilities-in-circuit-design-suite.html