Vulnerability Details CVE-2025-6034
There is a memory corruption vulnerability due to an out of bounds read in DefaultFontOptions() when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.1 and prior versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.6%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2025-6034
-
cpe:2.3:a:ni:circuit_design_suite:10.0
-
cpe:2.3:a:ni:circuit_design_suite:10.0.1
-
cpe:2.3:a:ni:circuit_design_suite:10.1
-
cpe:2.3:a:ni:circuit_design_suite:11.0
-
cpe:2.3:a:ni:circuit_design_suite:11.0.1
-
cpe:2.3:a:ni:circuit_design_suite:11.0.2
-
cpe:2.3:a:ni:circuit_design_suite:12.0
-
cpe:2.3:a:ni:circuit_design_suite:12.0.1
-
cpe:2.3:a:ni:circuit_design_suite:13.0
-
cpe:2.3:a:ni:circuit_design_suite:13.0.1
-
cpe:2.3:a:ni:circuit_design_suite:14.0
-
cpe:2.3:a:ni:circuit_design_suite:14.0.1
-
cpe:2.3:a:ni:circuit_design_suite:14.1
-
cpe:2.3:a:ni:circuit_design_suite:14.2.0
-
cpe:2.3:a:ni:circuit_design_suite:14.3.0
-
cpe:2.3:a:ni:circuit_design_suite:14.3.1