Common Weakness Enumeration

CWE-787

Allowed-with-Review

Out-of-bounds Write

Abstraction: Base · Status: Draft

The product writes data past the end, or before the beginning, of the intended buffer.

15110 vulnerabilities reference this CWE, most recent first.

CVE-2025-2146 (GCVE-0-2025-2146)

Vulnerability from cvelistv5 – Published: 2025-05-25 23:36 – Updated: 2025-05-27 14:20
VLAI
Summary
Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw/Satera MF551dw/Satera MF457dw firmware v05.07 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw/imageCLASS MF455dw/imageCLASS MF453dw/imageCLASS MF452dw/imageCLASS MF451dw/imageCLASS LBP237dw/imageCLASS LBP236dw/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II/imageCLASS X LBP1238 II firmware v05.07 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw/i-SENSYS MF553dw/i-SENSYS MF552dw/i-SENSYS MF455dw/i-SENSYS MF453dw/i-SENSYS LBP236dw/i-SENSYS LBP233dw/imageRUNNER 1643iF II/imageRUNNER 1643i II/i-SENSYS X 1238iF II/i-SENSYS X 1238i II/i-SENSYS X 1238P II/i-SENSYS X 1238Pr II firmware v05.07 and earlier sold in Europe.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Canon Inc. Satera MF656Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Satera MF654Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Satera MF551dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Satera MF457dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Color imageCLASS MF656Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Color imageCLASS MF654Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Color imageCLASS MF653Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Color imageCLASS MF652Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Color imageCLASS LBP633Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. Color imageCLASS LBP632Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS MF455dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS MF453dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS MF452dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS MF451dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS LBP237dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS LBP236dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS X MF1238 II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS X MF1643i II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS X MF1643iF II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageCLASS X LBP1238 II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS MF657Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS MF655Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS MF651Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS LBP633Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS LBP631Cdw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS MF553dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS MF552dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS MF455dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS MF453dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS LBP236dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS LBP233dw Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageRUNNER 1643iF II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. imageRUNNER 1643i II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS X 1238iF II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS X 1238i II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS X 1238P II Affected: 05.07 and earlier
Create a notification for this product.
Canon Inc. i-SENSYS X 1238Pr II Affected: 05.07 and earlier
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2146",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-27T14:19:02.334772Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-27T14:20:02.153Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Satera MF656Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Satera MF654Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Satera MF551dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Satera MF457dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Color imageCLASS MF656Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Color imageCLASS MF654Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Color imageCLASS MF653Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Color imageCLASS MF652Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Color imageCLASS LBP633Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "Color imageCLASS LBP632Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS MF455dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS MF453dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS MF452dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS MF451dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS LBP237dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS LBP236dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS X MF1238 II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS X MF1643i II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS X MF1643iF II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageCLASS X LBP1238 II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS MF657Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS MF655Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS MF651Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS LBP633Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS LBP631Cdw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS MF553dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS MF552dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS MF455dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS MF453dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS LBP236dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS LBP233dw",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageRUNNER 1643iF II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "imageRUNNER 1643i II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS X 1238iF II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS X 1238i II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS X 1238P II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        },
        {
          "product": "i-SENSYS X 1238Pr II",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "05.07 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eBuffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw/Satera MF551dw/Satera MF457dw firmware v05.07 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw/imageCLASS MF455dw/imageCLASS MF453dw/imageCLASS MF452dw/imageCLASS MF451dw/imageCLASS LBP237dw/imageCLASS LBP236dw/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II/imageCLASS X LBP1238 II firmware v05.07 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw/i-SENSYS MF553dw/i-SENSYS MF552dw/i-SENSYS MF455dw/i-SENSYS MF453dw/i-SENSYS LBP236dw/i-SENSYS LBP233dw/imageRUNNER 1643iF II/imageRUNNER 1643i II/i-SENSYS X 1238iF II/i-SENSYS X 1238i II/i-SENSYS X 1238P II/i-SENSYS X 1238Pr II firmware v05.07 and earlier sold in Europe.\u003c/p\u003e"
            }
          ],
          "value": "Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw/Satera MF551dw/Satera MF457dw firmware v05.07 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw/imageCLASS MF455dw/imageCLASS MF453dw/imageCLASS MF452dw/imageCLASS MF451dw/imageCLASS LBP237dw/imageCLASS LBP236dw/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II/imageCLASS X LBP1238 II firmware v05.07 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw/i-SENSYS MF553dw/i-SENSYS MF552dw/i-SENSYS MF455dw/i-SENSYS MF453dw/i-SENSYS LBP236dw/i-SENSYS LBP233dw/imageRUNNER 1643iF II/imageRUNNER 1643i II/i-SENSYS X 1238iF II/i-SENSYS X 1238i II/i-SENSYS X 1238P II/i-SENSYS X 1238Pr II firmware v05.07 and earlier sold in Europe."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-25T23:36:36.024Z",
        "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "shortName": "Canon"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://psirt.canon/advisory-information/cp2025-001/"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://canon.jp/support/support-info/250127vulnerability-response"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.canon-europe.com/support/product-security/#news"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
    "assignerShortName": "Canon",
    "cveId": "CVE-2025-2146",
    "datePublished": "2025-05-25T23:36:36.024Z",
    "dateReserved": "2025-03-10T04:32:48.049Z",
    "dateUpdated": "2025-05-27T14:20:02.153Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-2020 (GCVE-0-2025-2020)

Vulnerability from cvelistv5 – Published: 2025-03-11 20:43 – Updated: 2025-03-12 14:41
VLAI
Title
Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Summary
Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25254.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
Ashlar-Vellum Cobalt Affected: 1204.91
Create a notification for this product.
Date Public
2025-03-10 22:01
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2020",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-12T14:25:46.811510Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-12T14:41:17.693Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cobalt",
          "vendor": "Ashlar-Vellum",
          "versions": [
            {
              "status": "affected",
              "version": "1204.91"
            }
          ]
        }
      ],
      "dateAssigned": "2025-03-05T23:40:23.544Z",
      "datePublic": "2025-03-10T22:01:42.945Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25254."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-11T20:43:06.042Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-25-124",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-124/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2025-2020",
    "datePublished": "2025-03-11T20:43:06.042Z",
    "dateReserved": "2025-03-05T23:40:23.518Z",
    "dateUpdated": "2025-03-12T14:41:17.693Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1924 (GCVE-0-2025-1924)

Vulnerability from cvelistv5 – Published: 2026-02-13 04:46 – Updated: 2026-02-13 13:07
VLAI
Summary
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-191 - Integer Underflow (Wrap or Wraparound)
  • CWE-787 - Out-of-bounds Write
Assigner
Impacted products
Vendor Product Version
Yokogawa Electric Corporation Vnet/IP Interface Package Affected: R1.07.00 or earlier (custom)
Create a notification for this product.
Date Public
2026-02-13 03:41
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1924",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-13T13:06:54.726341Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-13T13:07:18.570Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Vnet/IP Interface Package",
          "vendor": "Yokogawa Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "R1.07.00 or earlier",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2026-02-13T03:41:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation.\u003cbr\u003eIf affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed.\u003cbr\u003eThe affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier"
            }
          ],
          "value": "A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation.\nIf affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed.\nThe affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "CWE-191 Integer Underflow (Wrap or Wraparound)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-13T04:46:05.460Z",
        "orgId": "7168b535-132a-4efe-a076-338f829b2eb9",
        "shortName": "YokogawaGroup"
      },
      "references": [
        {
          "url": "https://web-material3.yokogawa.com/1/39281/files/YSAR-26-0002-E.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7168b535-132a-4efe-a076-338f829b2eb9",
    "assignerShortName": "YokogawaGroup",
    "cveId": "CVE-2025-1924",
    "datePublished": "2026-02-13T04:46:05.460Z",
    "dateReserved": "2025-03-04T06:24:10.217Z",
    "dateUpdated": "2026-02-13T13:07:18.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-1883 (GCVE-0-2025-1883)

Vulnerability from cvelistv5 – Published: 2025-05-02 15:03 – Updated: 2025-05-02 15:36
VLAI
Title
Out-Of-Bounds Write vulnerability exists in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
Summary
Out-Of-Bounds Write vulnerability exists in the OBJ file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted OBJ file.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
3DS
References
Impacted products
Vendor Product Version
Dassault Systèmes SOLIDWORKS eDrawings Affected: Release SOLIDWORKS Desktop 2025 SP0 , ≤ Release SOLIDWORKS Desktop 2025 SP1.2 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1883",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-02T15:32:48.421008Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-02T15:36:48.859Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SOLIDWORKS eDrawings",
          "vendor": "Dassault Syst\u00e8mes",
          "versions": [
            {
              "lessThanOrEqual": "Release SOLIDWORKS Desktop 2025 SP1.2",
              "status": "affected",
              "version": "Release SOLIDWORKS Desktop 2025 SP0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Out-Of-Bounds Write vulnerability exists in the OBJ file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted OBJ\u00c2\u00a0file."
            }
          ],
          "value": "Out-Of-Bounds Write vulnerability exists in the OBJ file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted OBJ\u00c2\u00a0file."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-02T15:03:08.513Z",
        "orgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433",
        "shortName": "3DS"
      },
      "references": [
        {
          "url": "https://www.3ds.com/vulnerability/advisories"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Out-Of-Bounds Write vulnerability exists in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433",
    "assignerShortName": "3DS",
    "cveId": "CVE-2025-1883",
    "datePublished": "2025-05-02T15:03:08.513Z",
    "dateReserved": "2025-03-03T12:31:54.539Z",
    "dateUpdated": "2025-05-02T15:36:48.859Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1744 (GCVE-0-2025-1744)

Vulnerability from cvelistv5 – Published: 2025-02-28 03:24 – Updated: 2025-02-28 15:21
VLAI
Title
Out-of-bounds Write in radare2
Summary
Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://github.com/radareorg/radare2/pull/23969 patchthird-party-advisory
Impacted products
Vendor Product Version
radareorg radare2 Affected: 0 , < <5.9.9 (git)
Create a notification for this product.
Date Public
2025-02-28 03:23
Credits
TITAN Team (titancaproject@gmail.com)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1744",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-28T15:21:10.472595Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-28T15:21:25.305Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com",
          "defaultStatus": "unaffected",
          "product": "radare2",
          "vendor": "radareorg",
          "versions": [
            {
              "changes": [
                {
                  "at": "patch 5.9.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "\u003c5.9.9",
              "status": "affected",
              "version": "0",
              "versionType": "git"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "TITAN Team (titancaproject@gmail.com)"
        }
      ],
      "datePublic": "2025-02-28T03:23:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Out-of-bounds Write vulnerability in radareorg radare2 allows \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eheap-based buffer over-read or buffer overflow\u003c/span\u003e.\u003cp\u003eThis issue affects radare2: before \u0026lt;5.9.9.\u003c/p\u003e"
            }
          ],
          "value": "Out-of-bounds Write vulnerability in radareorg radare2 allows \n\nheap-based buffer over-read or buffer overflow.This issue affects radare2: before \u003c5.9.9."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-28T03:24:50.301Z",
        "orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd",
        "shortName": "GovTech CSG"
      },
      "references": [
        {
          "tags": [
            "patch",
            "third-party-advisory"
          ],
          "url": "https://github.com/radareorg/radare2/pull/23969"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds Write in radare2",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd",
    "assignerShortName": "GovTech CSG",
    "cveId": "CVE-2025-1744",
    "datePublished": "2025-02-28T03:24:50.301Z",
    "dateReserved": "2025-02-27T09:09:59.387Z",
    "dateUpdated": "2025-02-28T15:21:25.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1471 (GCVE-0-2025-1471)

Vulnerability from cvelistv5 – Published: 2025-02-21 10:07 – Updated: 2025-02-25 19:15
VLAI
Title
Eclipse OMR: Buffer overflow vulnerability
Summary
In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Eclipse Foundation Eclipse OMR Affected: 0.2.0 , < 0.4.0 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1471",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-21T13:45:54.485243Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T19:15:22.042Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Eclipse OMR",
          "repo": "https://github.com/eclipse-omr/omr",
          "vendor": "Eclipse Foundation",
          "versions": [
            {
              "lessThan": "0.4.0",
              "status": "affected",
              "version": "0.2.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs.  Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows."
            }
          ],
          "value": "In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs.  Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-21T10:07:22.507Z",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "url": "https://github.com/eclipse-omr/omr/pull/7658"
        },
        {
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/55"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Eclipse OMR: Buffer overflow vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2025-1471",
    "datePublished": "2025-02-21T10:07:22.507Z",
    "dateReserved": "2025-02-19T14:44:59.852Z",
    "dateUpdated": "2025-02-25T19:15:22.042Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1330 (GCVE-0-2025-1330)

Vulnerability from cvelistv5 – Published: 2025-05-08 21:54 – Updated: 2026-02-26 18:28
VLAI
Title
IBM CICS TX code execution
Summary
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1  could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
ibm
References
Impacted products
Vendor Product Version
IBM CICS TX Standard Affected: 11.1
    cpe:2.3:a:ibm:cics_tx:11.1.0.0:*:*:*:standard:linux:*:*
Create a notification for this product.
IBM CICS TX Advanced Affected: 10.1
Affected: 11.1
    cpe:2.3:a:ibm:cics_tx:10.1.0.0:*:*:*:advanced:linux:*:*
    cpe:2.3:a:ibm:cics_tx:11.1.0.0:*:*:*:advanced:linux:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1330",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-10T03:55:11.981286Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T18:28:42.195Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:cics_tx:11.1.0.0:*:*:*:standard:linux:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "CICS TX Standard",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:ibm:cics_tx:10.1.0.0:*:*:*:advanced:linux:*:*",
            "cpe:2.3:a:ibm:cics_tx:11.1.0.0:*:*:*:advanced:linux:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "CICS TX Advanced",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1\u0026nbsp; could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname  function."
            }
          ],
          "value": "IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1\u00a0 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname  function."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-28T14:19:02.544Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7232923"
        },
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7232924"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM strongly recommends addressing the vulnerabilities now by downloading and applying the below fix.   \u003cbr\u003e\u003cbr\u003eIBM CICS TX Standard 11.1 Linux Download and apply the fix from Fix Central. \u003cbr\u003e"
            }
          ],
          "value": "IBM strongly recommends addressing the vulnerabilities now by downloading and applying the below fix.   \n\nIBM CICS TX Standard 11.1 Linux Download and apply the fix from Fix Central."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM CICS TX code execution",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2025-1330",
    "datePublished": "2025-05-08T21:54:42.271Z",
    "dateReserved": "2025-02-15T00:10:21.346Z",
    "dateUpdated": "2026-02-26T18:28:42.195Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-1329 (GCVE-0-2025-1329)

Vulnerability from cvelistv5 – Published: 2025-05-08 21:53 – Updated: 2026-02-26 18:28
VLAI
Title
IBM CICS TX code execution
Summary
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
ibm
References
Impacted products
Vendor Product Version
IBM CICS TX Standard Affected: 11.1
    cpe:2.3:a:ibm:cics_tx:11.1.0.0:*:*:*:standard:linux:*:*
Create a notification for this product.
IBM CICS TX Advanced Affected: 10.1
Affected: 11.1
    cpe:2.3:a:ibm:cics_tx:10.1.0.0:*:*:*:advanced:linux:*:*
    cpe:2.3:a:ibm:cics_tx:11.1.0.0:*:*:*:advanced:linux:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1329",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-10T03:55:10.517800Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T18:28:42.372Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:cics_tx:11.1.0.0:*:*:*:standard:linux:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "CICS TX Standard",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:ibm:cics_tx:10.1.0.0:*:*:*:advanced:linux:*:*",
            "cpe:2.3:a:ibm:cics_tx:11.1.0.0:*:*:*:advanced:linux:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "CICS TX Advanced",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003egethostbyaddr \u003c/span\u003e\n\n function."
            }
          ],
          "value": "IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the \n\ngethostbyaddr \n\n function."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-28T14:18:29.768Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7232923"
        },
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7232924"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM strongly recommends addressing the vulnerabilities now by downloading and applying the below fix.   \u003cbr\u003e\u003cbr\u003eIBM CICS TX Standard 11.1 Linux Download and apply the fix from Fix Central. \u003cbr\u003e"
            }
          ],
          "value": "IBM strongly recommends addressing the vulnerabilities now by downloading and applying the below fix.   \n\nIBM CICS TX Standard 11.1 Linux Download and apply the fix from Fix Central."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM CICS TX code execution",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2025-1329",
    "datePublished": "2025-05-08T21:53:48.475Z",
    "dateReserved": "2025-02-15T00:10:20.672Z",
    "dateUpdated": "2026-02-26T18:28:42.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-1276 (GCVE-0-2025-1276)

Vulnerability from cvelistv5 – Published: 2025-04-15 20:55 – Updated: 2026-02-26 18:28
VLAI
Title
DWG File Parsing Out-of-Bounds Write Vulnerability
Summary
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Autodesk AutoCAD Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Architecture Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Electrical Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD MAP 3D Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Mechanical Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD MEP Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Plant 3D Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk Advance Steel Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD LT Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk RealDWG Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
    cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk DWG TrueView Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1276",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-18T03:55:46.650494Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T18:28:17.781Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-07T20:54:16.150Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/dwg-trueview/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-1276",
    "datePublished": "2025-04-15T20:55:04.255Z",
    "dateReserved": "2025-02-13T15:16:31.469Z",
    "dateUpdated": "2026-02-26T18:28:17.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-1274 (GCVE-0-2025-1274)

Vulnerability from cvelistv5 – Published: 2025-04-15 20:58 – Updated: 2026-02-26 18:28
VLAI
Title
RCS File Parsing Out-of-Bounds Write Vulnerability
Summary
A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Autodesk Revit Affected: 2025 , < 2025.4.1 (custom)
Affected: 2024 , < 2024.3.2 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:revit:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:revit:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD LT Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Architecture Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Electrical Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD MAP 3D Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Mechanical Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD MEP Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk AutoCAD Plant 3D Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk Civil 3D Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk Advance Steel Affected: 2025 , < 2025.1.3 (custom)
Affected: 2024 , < 2024.1.8 (custom)
Affected: 2023 , < 2023.1.8 (custom)
    cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1274",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-18T03:55:39.221063Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T18:28:15.897Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:revit:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:revit:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Revit",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.4.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.3.2",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.3",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.8",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.8",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-25T18:34:11.551Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0007"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "RCS File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-1274",
    "datePublished": "2025-04-15T20:58:04.157Z",
    "dateReserved": "2025-02-13T15:16:29.531Z",
    "dateUpdated": "2026-02-26T18:28:15.897Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, many languages that perform their own memory management, such as Java and Perl, are not subject to buffer overflows. Other languages, such as Ada and C#, typically provide overflow protection, but the protection can be disabled by the programmer.
  • Be wary that a language's interface to native code may still be subject to overflows, even if the language itself is theoretically safe.
Mitigation MIT-4.1
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • Examples include the Safe C String Library (SafeStr) by Messier and Viega [REF-57], and the Strsafe.h library from Microsoft [REF-56]. These libraries provide safer versions of overflow-prone string-handling functions.
Mitigation MIT-10
Operation Build and Compilation

Strategy: Environment Hardening

  • Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
  • D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation MIT-9
Implementation
  • Consider adhering to the following rules when allocating and managing an application's memory:
  • Double check that the buffer is as large as specified.
  • When using functions that accept a number of bytes to copy, such as strncpy(), be aware that if the destination buffer size is equal to the source buffer size, it may not NULL-terminate the string.
  • Check buffer boundaries if accessing the buffer in a loop and make sure there is no danger of writing past the allocated space.
  • If necessary, truncate all input strings to a reasonable length before passing them to the copy and concatenation functions.
Mitigation MIT-11
Operation Build and Compilation

Strategy: Environment Hardening

  • Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
  • Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
  • For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].
Mitigation MIT-12
Operation

Strategy: Environment Hardening

  • Use a CPU and operating system that offers Data Execution Protection (using hardware NX or XD bits) or the equivalent techniques that simulate this feature in software, such as PaX [REF-60] [REF-61]. These techniques ensure that any instruction executed is exclusively at a memory address that is part of the code segment.
  • For more information on these techniques see D3-PSEP (Process Segment Execution Prevention) from D3FEND [REF-1336].
Mitigation MIT-13
Implementation

Replace unbounded copy functions with analogous functions that support length arguments, such as strcpy with strncpy. Create these if they are not available.

No CAPEC attack patterns related to this CWE.