CVE-2025-30421

Name of the Vulnerable Software and Affected Versions: NI Circuit Design Suite versions 14.3.0 and prior versions

Description: The issue is a memory corruption vulnerability due to a stack-based buffer overflow in DrObjectStorage::XML Serialize() when using the SymbolEditor. This may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file.

Recommendations: For NI Circuit Design Suite versions 14.3.0 and prior, update to a version that fixes this issue to avoid exploitation. As a temporary workaround, consider avoiding the use of the SymbolEditor with untrusted .sym files until a patch is available.