EUVD-2025-18553
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Lifecycle Timeline
3Description
An Out-of-bounds Write vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data structures.
Analysis
CVE-2025-49848 is an out-of-bounds write vulnerability in PRJ file parsing that allows unauthenticated local attackers with user interaction to corrupt memory and potentially achieve arbitrary code execution or application crash. The vulnerability stems from insufficient input validation when processing PRJ files, enabling attackers to read and write past allocated buffer boundaries. While no public exploit code or active in-the-wild exploitation has been confirmed at analysis time, the high CVSS score (8.4) and critical impact ratings (confidentiality, integrity, availability all HIGH) indicate this requires prioritized patching.
Technical Context
The vulnerability exists in PRJ (project) file parsing logic within an unspecified application. PRJ files are project format files commonly used in CAD/design software (such as AutoCAD, CodeBlocks, Embarcadero, or similar platforms). The root cause is CWE-787 (Out-of-bounds Write), a memory safety violation where the parser fails to validate buffer boundaries before writing parsed data structures. This occurs during deserialization of user-supplied PRJ file content, likely within a loop or recursive parsing routine that does not properly check allocated memory limits. The lack of bounds checking allows attackers to overwrite adjacent heap or stack memory, potentially corrupting critical data structures, function pointers, or return addresses. Without specific CPE data provided, the affected product family cannot be definitively identified, but PRJ file support is typically found in engineering and design software suites.
Affected Products
The specific product name and version information is not provided in the vulnerability description or CVE record synopsis. The vulnerability affects applications that parse PRJ file formats. Likely affected product families include: (1) Embarcadero RAD Studio / C++ Builder (uses .bpr, .dproj project files), (2) Corel/WinZip PRJ formats, (3) AutoCAD-related tools, or (4) CodeBlocks/open-source IDEs using .cbp project formats. Without CPE strings or vendor advisory references in the provided data, definitive version ranges cannot be specified. Security teams should: (1) Identify all installed applications that handle PRJ files in their environment, (2) Contact respective vendors for patch availability, (3) Check vendor security advisories once CVE details are published.
Remediation
Immediate remediation steps: (1) Apply vendor patches once released (vendor advisory should specify patched versions—recommend subscribing to vendor security bulletins). (2) Implement input validation/sandboxing: restrict PRJ file access to trusted sources only; disable auto-opening of PRJ files from email/internet sources. (3) Temporary workaround: educate users not to open PRJ files from untrusted sources; use application-level file restrictions or AppLocker/SELinux policies to prevent execution of vulnerable parsers on untrusted input. (4) Monitor for exploitation: check application logs and system memory dumps for heap corruption or segmentation faults correlated with PRJ file opens. (5) Escalation: request vendor advisory with specific patch versions and availability timeline; if vendor patches are unavailable, consider disabling PRJ file support or using alternative file formats.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today