EUVD-2026-12037
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file. This vulnerability affects all versions of Digilent DASYLab.
Analysis
Memory corruption vulnerability in all versions of Digilent DASYLab that allows attackers to execute arbitrary code or steal information by tricking users into opening malicious files. The vulnerability has a CVSS score of 7.8 (High) and requires user interaction, with no evidence of active exploitation (not in KEV) or publicly available proof-of-concept code.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all systems running DASYLab and notify relevant users to avoid opening files from untrusted sources; assess business-critical dependencies on DASYLab. Within 7 days: Implement user awareness training on file-opening risks and establish a file review process for DASYLab inputs; restrict DASYLab access to essential personnel only. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today