Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6034

There is a memory corruption vulnerability due to an out of bounds read in DefaultFontOptions() when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.1 and prior versions.

Published

2025-09-30T16:15:53.680

Last Modified

2025-10-07T13:20:48.400

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ni	circuit_design_suite	< 14.3.2	Yes

References

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/improper-input-validation-causes-memory-corruption-vulnerabilities-in-circuit-design-suite.html Vendor Advisory ([email protected])