PT-2025-21335 · National Instruments · Ni Circuit Design Suite
Michael Heinzl
·
Published
2025-05-15
·
Updated
2025-05-20
·
CVE-2025-30418
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
NI Circuit Design Suite versions 14.3.0 and prior
Description:
The issue is a memory corruption vulnerability due to an out of bounds write in the
CheckPins() function when using the SymbolEditor in NI Circuit Design Suite. This may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file.Recommendations:
For NI Circuit Design Suite versions 14.3.0 and prior, update to a version that contains a fix for this issue to prevent exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ni Circuit Design Suite