CVE-2025-30419

HIGH

NI Circuit Design Suite <14.3.0 - Memory Corruption

Title source: llm

Description

There is a memory corruption vulnerability due to an out of bounds read in GetSymbolBorderRectSize() when using the SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.

References (1)

Core 1

Core References

Vendor Advisory

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-ni-circuit-design-suite.html

Scores

CVSS v3 7.8

EPSS 0.0007

EPSS Percentile 20.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-125

Status published

Products (1)

ni/circuit_design_suite < 14.3.1

Published May 15, 2025

Tracked Since Feb 18, 2026