CVE-2025-30419

Name of the Vulnerable Software and Affected Versions: NI Circuit Design Suite versions 14.3.0 and prior versions

Description: The issue is due to a memory corruption vulnerability caused by an out of bounds read in the GetSymbolBorderRectSize() function when using the SymbolEditor. This may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file.

Recommendations: For versions 14.3.0 and prior, update to a version later than 14.3.0 to resolve the issue. As a temporary workaround, consider avoiding the use of the SymbolEditor or restricting the opening of .sym files from untrusted sources until a patch is available.