- Description
- There is a memory corruption vulnerability due to an out of bounds read in GetSymbolBorderRectSize() when using the SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.
- Source
- security@ni.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 8.5
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
CVE-2025-30419 There is a memory corruption vulnerability due to an out of bounds read in GetSymbolBorderRectSize() when using the SymbolEditor in NI Circuit Design Suite. This vul… https://t.co/BnzQQaAqRE
@CVEnew
15 May 2025
225 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-30419: HIGH] Critical memory corruption vulnerability in NI Circuit Design Suite 14.3.0 and earlier versions. Attackers can craft a .sym file to execute arbitrary code or disclose information.#cve,CVE-2025-30419,#cybersecurity https://t.co/p5bxucA8tk https://t.co/U0myMD
@CveFindCom
15 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:circuit_design_suite:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB025F12-FF09-43D3-8CE9-0F0300DFB092",
"versionEndExcluding": "14.3.1"
}
],
"operator": "OR"
}
]
}
]