EUVD-2026-12035CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted DSB file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .DSB file. This vulnerability affects all versions of Digilent DASYLab.
Analysis
Memory corruption vulnerability in all versions of Digilent DASYLab data acquisition software that allows attackers to achieve arbitrary code execution or information disclosure by tricking users into opening malicious .DSB files. With a CVSS score of 7.8 and requiring only user interaction, this out-of-bounds write vulnerability poses significant risk, though no active exploitation or public POCs have been reported.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all systems running DASYLab and restrict file access permissions to limit .DSB file exposure; notify users to avoid opening files from untrusted sources. Within 7 days: Implement file type restrictions at email gateways and endpoints to block or quarantine .DSB files; segment DASYLab systems from critical infrastructure where possible. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today