CVE-2025-57777
BaseFortify
Publication date: 2025-09-02
Last updated on: 2025-10-09
Assigner: National Instruments
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ni | dasylab | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1285 | The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties. |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid opening DSB files from untrusted sources and practice good cybersecurity awareness. Since no patches or fixes are currently available, user caution is the primary defense against exploitation. [1]
Can you explain this vulnerability to me?
This vulnerability is an out of bounds write issue in the displ2.dll component of Digilent DASYLab when parsing DSB files. It occurs due to improper bounds checking, which can allow an attacker to execute arbitrary code if a user opens a specially crafted DSB file. All versions of DASYLab are affected, and exploitation requires local user interaction. [1]
How can this vulnerability impact me? :
The vulnerability can lead to arbitrary code execution on the affected system, potentially compromising confidentiality, integrity, and availability of data and system resources. An attacker could execute malicious code with the privileges of the user who opens the crafted DSB file, leading to serious security impacts. [1]