EUVD-2025-18552CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Lifecycle Timeline
3Description
An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data structures.
Analysis
CVE-2025-49849 is an out-of-bounds read vulnerability in PRJ file parsing that enables memory corruption through insufficient validation of user-supplied data. The vulnerability affects applications processing PRJ files (commonly associated with project management software) and allows local attackers with user interaction to read and write beyond allocated memory boundaries, potentially leading to information disclosure or code execution. While the CVSS score is moderately high (8.4), real-world exploitability depends on KEV status and active exploitation reports, which are not currently documented in available intelligence.
Technical Context
This vulnerability resides in the PRJ file parser implementation, likely within a project management or CAD application. The root cause is classified under CWE-125 (Out-of-bounds Read), which occurs when software reads from memory locations outside the boundaries of allocated buffers. PRJ files typically contain structured project metadata that must be parsed and validated; the lack of proper bounds checking during parsing allows attackers to craft malicious PRJ files that trigger out-of-bounds memory access. The vulnerability suggests inadequate input validation at the file format parsing layer, where array indexing or pointer arithmetic fails to verify that offsets/sizes remain within allocated structures. This is a common issue in legacy file format parsers that predate modern memory safety practices.
Affected Products
The CVE description does not specify vendor or product name, but references 'PRJ files' which are commonly associated with: (1) Microsoft Project (.mpp, .xml formats, but legacy .prj variants); (2) Various CAD/engineering tools (AutoCAD, Civil 3D, others using .prj coordinate system files); (3) Project management suites. Exact CPE data, version ranges, and vendor advisories are not provided in the available intelligence. Affected users should: (1) Check vendor security bulletins for their specific product; (2) Identify if their application parses externally-sourced PRJ files; (3) Cross-reference with product vulnerability trackers for confirmed affected versions.
Remediation
Without access to vendor advisories or patch information in the provided data: (1) Apply security patches from the affected product vendor immediately upon release; (2) Implement input validation filters to reject malformed or suspicious PRJ files before parsing; (3) Run file parsing in sandboxed environments when handling untrusted PRJ files; (4) Disable PRJ file import if not essential to operations; (5) Monitor vendor security bulletins (Microsoft Security Update Guide, relevant CAD vendors) for patched versions; (6) For development teams: implement bounds checking in file parsers using safe languages (Rust, modern C++ with bounds libraries) or static analysis tools to detect out-of-bounds access patterns. Specific patch versions should be obtained from vendor security advisories once released.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today