Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
An Out-of-bounds Write vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data structures.
AnalysisAI
CVE-2025-49848 is an out-of-bounds write vulnerability in PRJ file parsing that allows unauthenticated local attackers with user interaction to corrupt memory and potentially achieve arbitrary code execution or application crash. The vulnerability stems from insufficient input validation when processing PRJ files, enabling attackers to read and write past allocated buffer boundaries. While no public exploit code or active in-the-wild exploitation has been confirmed at analysis time, the high CVSS score (8.4) and critical impact ratings (confidentiality, integrity, availability all HIGH) indicate this requires prioritized patching.
Technical ContextAI
The vulnerability exists in PRJ (project) file parsing logic within an unspecified application. PRJ files are project format files commonly used in CAD/design software (such as AutoCAD, CodeBlocks, Embarcadero, or similar platforms). The root cause is CWE-787 (Out-of-bounds Write), a memory safety violation where the parser fails to validate buffer boundaries before writing parsed data structures. This occurs during deserialization of user-supplied PRJ file content, likely within a loop or recursive parsing routine that does not properly check allocated memory limits. The lack of bounds checking allows attackers to overwrite adjacent heap or stack memory, potentially corrupting critical data structures, function pointers, or return addresses. Without specific CPE data provided, the affected product family cannot be definitively identified, but PRJ file support is typically found in engineering and design software suites.
RemediationAI
Immediate remediation steps: (1) Apply vendor patches once released (vendor advisory should specify patched versions—recommend subscribing to vendor security bulletins). (2) Implement input validation/sandboxing: restrict PRJ file access to trusted sources only; disable auto-opening of PRJ files from email/internet sources. (3) Temporary workaround: educate users not to open PRJ files from untrusted sources; use application-level file restrictions or AppLocker/SELinux policies to prevent execution of vulnerable parsers on untrusted input. (4) Monitor for exploitation: check application logs and system memory dumps for heap corruption or segmentation faults correlated with PRJ file opens. (5) Escalation: request vendor advisory with specific patch versions and availability timeline; if vendor patches are unavailable, consider disabling PRJ file support or using alternative file formats.
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-18553