PT-2025-37723 · Digilent · Digilent Waveforms
Kimiya
·
Published
2025-09-15
·
Updated
2025-09-20
·
CVE-2025-10203
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Digilent WaveForms versions prior to 3.24.4
Description
A relative path traversal vulnerability exists due to improper input validation in Digilent WaveForms, potentially leading to arbitrary code execution. Successful exploitation requires an attacker to trick a user into opening a specially crafted
.DWF3WORK file.Recommendations
Update Digilent WaveForms to version 3.24.4 or later.
Fix
RCE
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Digilent Waveforms