Out of Bounds Read in DefaultFontOptions() in NI Circuit Design...

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

There is a memory corruption vulnerability due to an out of bounds read in DefaultFontOptions() when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.1 and prior versions.

Basic Information

ID CVE-2025-6034

Source NI

Published Sep 30, 2025 at 16:07

Affected Product

Vendor NI

Product Circuit Design Suite

Affected Versions NI Circuit Design Suite 0

CWE Classification

CWE-125

References

www.ni.com /en/support/security/available-critical-and-security-updates-for-ni-software/improper-input-validation-causes-memory-corruption-vulnerabilities-in-circuit-design-suite.html

{
    "lastseen": "",
    "description": "There is a memory corruption vulnerability due to an out of bounds read in DefaultFontOptions() when using SymbolEditor in NI Circuit Design Suite. \u00a0This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.1 and prior versions.",
    "published": "2025-09-30T16:07:21.551Z",
    "modified": "2025-09-30T16:07:21.551Z",
    "type": "cve",
    "title": "Out of Bounds Read in DefaultFontOptions() in NI Circuit Design Suite",
    "source": "NI",
    "references": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-input-validation-causes-memory-corruption-vulnerabilities-in-circuit-design-suite.html",
    "id": "CVE-2025-6034",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125"
    ],
    "cvelist": null,
    "sourceData": "NI Circuit Design Suite 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Circuit Design Suite",
    "version": "0",
    "vendor": "NI",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Out of Bounds Read in DefaultFontOptions() in NI Circuit Design Suite_CVE-2025-6034