CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
CVE-2024-36342 (GCVE-0-2024-36342)
Vulnerability from cvelistv5
Published
2025-09-06 17:42
Modified
2025-09-23 21:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36342",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T03:55:24.059Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.x"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "amd_chipset_software_7.06.02.123.exe , PSP driver version: 5.39.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "amd_chipset_software_7.06.02.123.exe , PSP driver version: 5.39.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "amd_chipset_software_7.06.02.123.exe , PSP driver version: 5.39.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "amd_chipset_software_7.06.02.123.exe , PSP driver version: 5.39.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 9000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX Vega Series Graphics Cards",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO VII",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Radeon Software for Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI210",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI250",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300A",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300X",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI308X",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI325X",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V520 Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V620 Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V710 Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reported through AMD Bug Bounty Program"
}
],
"datePublic": "2025-09-06T17:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.\u003cbr\u003e"
}
],
"value": "Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T21:27:40.844Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36342",
"datePublished": "2025-09-06T17:42:00.232Z",
"dateReserved": "2024-05-23T19:44:47.200Z",
"dateUpdated": "2025-09-23T21:27:40.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2633 (GCVE-0-2025-2633)
Vulnerability from cvelistv5
Published
2025-07-23 15:49
Modified
2025-07-23 17:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.3 (High) - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-23T17:23:47.897012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T17:23:55.255Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "LabVIEW",
"vendor": "NI",
"versions": [
{
"lessThanOrEqual": "22.3.5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "23.3.6",
"status": "affected",
"version": "23.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "24.3.3",
"status": "affected",
"version": "24.0.0",
"versionType": "semver"
},
{
"lessThan": "25.3.0",
"status": "affected",
"version": "25.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Heinzl working with CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.\u003c/p\u003e"
}
],
"value": "Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T15:49:06.836Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out of Bounds Read Vulnerability in NI LabVIEW when loading fonts",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-2633",
"datePublished": "2025-07-23T15:49:06.836Z",
"dateReserved": "2025-03-21T21:15:17.811Z",
"dateUpdated": "2025-07-23T17:23:55.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2634 (GCVE-0-2025-2634)
Vulnerability from cvelistv5
Published
2025-07-23 15:53
Modified
2025-07-23 20:10
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.3 (High) - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-23T20:09:47.785454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T20:10:00.301Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "LabVIEW",
"vendor": "NI",
"versions": [
{
"lessThanOrEqual": "22.3.5",
"status": "affected",
"version": "0",
"versionType": "sem"
},
{
"lessThanOrEqual": "23.3.6",
"status": "affected",
"version": "23.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "24.3.3",
"status": "affected",
"version": "24.0.0",
"versionType": "semver"
},
{
"lessThan": "25.3.0",
"status": "affected",
"version": "25.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Heinzl working with CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.\u003c/p\u003e"
}
],
"value": "Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T15:53:25.130Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out of Bounds Read Vulnerability in NI LabVIEW when building font map",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-2634",
"datePublished": "2025-07-23T15:53:25.130Z",
"dateReserved": "2025-03-21T21:15:19.488Z",
"dateUpdated": "2025-07-23T20:10:00.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3357 (GCVE-0-2025-3357)
Vulnerability from cvelistv5
Published
2025-05-28 14:51
Modified
2025-08-26 14:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/7234923 | vendor-advisory, patch |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Tivoli Monitoring |
Version: 6.3.0.7 ≤ 6.3.0.7 SP15 cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:* cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_15:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-28T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T03:55:49.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_15:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Tivoli Monitoring",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "6.3.0.7 SP15",
"status": "affected",
"version": "6.3.0.7",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aleksandr Tlyapov"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19\u0026nbsp;could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array."
}
],
"value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19\u00a0could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T14:56:28.301Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7234923"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0020\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0020"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Tivoli Monitoring code execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-3357",
"datePublished": "2025-05-28T14:51:29.649Z",
"dateReserved": "2025-04-06T21:14:20.726Z",
"dateUpdated": "2025-08-26T14:56:28.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3755 (GCVE-0-2025-3755)
Vulnerability from cvelistv5
Published
2025-05-29 04:47
Modified
2025-08-27 08:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-003_en.pdf | vendor-advisory | |
| https://jvn.jp/vu/JVNVU94070048/ | government-resource | |
| https://www.cisa.gov/news-events/ics-advisories/icsa-25-153-03 | government-resource |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Mitsubishi Electric Corporation | MELSEC iQ-F Series FX5U-32MT/ES |
Version: All versions |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-29T13:16:50.949939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T13:17:00.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery.\u003cbr\u003e"
}
],
"value": "Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial-of-Service (DoS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T08:02:37.808Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-003_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU94070048/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-153-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure and Denial-of-Service(DoS) Vulnerability in MELSEC iQ-F Series CPU module",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2025-3755",
"datePublished": "2025-05-29T04:47:52.187Z",
"dateReserved": "2025-04-17T07:04:51.773Z",
"dateUpdated": "2025-08-27T08:02:37.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-57774 (GCVE-0-2025-57774)
Vulnerability from cvelistv5
Published
2025-09-02 18:15
Modified
2025-09-02 19:26
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
There is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T19:26:34.416788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T19:26:41.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DASYLab",
"vendor": "Digilent",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "kimiya working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThere is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. \u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "There is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T18:15:10.516Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-digilent-dasylab.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out Of Bounds Write of invalid data when parsing a DSB file with Digilent DASYLab",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-57774",
"datePublished": "2025-09-02T18:15:10.516Z",
"dateReserved": "2025-08-19T16:50:56.823Z",
"dateUpdated": "2025-09-02T19:26:41.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-57775 (GCVE-0-2025-57775)
Vulnerability from cvelistv5
Published
2025-09-02 18:21
Modified
2025-09-02 19:19
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T19:19:17.145315Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T19:19:22.961Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DASYLab",
"vendor": "Digilent",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "kimiya working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThere is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T18:21:16.129Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-digilent-dasylab.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Heap-based Buffer Overflow when parsing a DSB file with Digilent DASYLab",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-57775",
"datePublished": "2025-09-02T18:21:16.129Z",
"dateReserved": "2025-08-19T16:50:56.823Z",
"dateUpdated": "2025-09-02T19:19:22.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-57776 (GCVE-0-2025-57776)
Vulnerability from cvelistv5
Published
2025-09-02 18:16
Modified
2025-09-02 19:26
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T19:26:17.661447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T19:26:22.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DASYLab",
"vendor": "Digilent",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "kimiya working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThere is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.\u003c/p\u003e \u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T18:16:01.400Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-digilent-dasylab.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out Of Bounds Write to invalid address when parsing a DSB file with Digilent DASYLab",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-57776",
"datePublished": "2025-09-02T18:16:01.400Z",
"dateReserved": "2025-08-19T16:50:56.823Z",
"dateUpdated": "2025-09-02T19:26:22.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-57777 (GCVE-0-2025-57777)
Vulnerability from cvelistv5
Published
2025-09-02 18:22
Modified
2025-09-02 19:10
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
There is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57777",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T19:10:27.062457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T19:10:31.598Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DASYLab",
"vendor": "Digilent",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "kimiya working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThere is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "There is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T18:22:00.738Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-digilent-dasylab.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out Of Bounds Write in displ2.dll when parsing a DSB file with Digilent DASYLab",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-57777",
"datePublished": "2025-09-02T18:22:00.738Z",
"dateReserved": "2025-08-19T16:50:56.823Z",
"dateUpdated": "2025-09-02T19:10:31.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-57778 (GCVE-0-2025-57778)
Vulnerability from cvelistv5
Published
2025-09-02 18:16
Modified
2025-09-02 19:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Summary
There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57778",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T19:23:33.605103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T19:23:38.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DASYLab",
"vendor": "Digilent",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "kimiya working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThere is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e \u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T18:16:54.772Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-digilent-dasylab.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out Of Bounds Write to invalid source address when parsing a DSB file with Digilent DASYLab",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-57778",
"datePublished": "2025-09-02T18:16:54.772Z",
"dateReserved": "2025-08-19T16:50:56.824Z",
"dateUpdated": "2025-09-02T19:23:38.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-5
Phase: Implementation
Strategy: Input Validation
Description:
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
No CAPEC attack patterns related to this CWE.