CVE-2025-9189
📋 TL;DR
An out-of-bounds write vulnerability in Digilent DASYLab allows arbitrary code execution when users open malicious DSB files. This affects all versions of DASYLab software. Attackers can achieve full system compromise by tricking users into opening specially crafted files.
💻 Affected Systems
- Digilent DASYLab
📦 What is this software?
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with attacker gaining full control of the affected system, potentially leading to data theft, ransomware deployment, or lateral movement within the network.
Likely Case
Local privilege escalation leading to installation of malware, data exfiltration, or persistence mechanisms on the compromised system.
If Mitigated
Limited impact with proper application whitelisting and user training preventing malicious file execution.
🎯 Exploit Status
Exploitation requires user interaction to open malicious DSB file. No authentication required beyond file execution.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check NI security advisory for specific patched versions
Vendor Advisory: https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-vulnerabilities-in-digilent-dasylab.html
Restart Required: Yes
Instructions:
1. Visit the NI security advisory page
2. Download the latest DASYLab update
3. Install the update following vendor instructions
4. Restart the system
🔧 Temporary Workarounds
Block DSB file execution
windowsPrevent execution of DSB files via application control or file extension blocking
Using Group Policy: Computer Configuration > Policies > Windows Settings > Security Settings > Software Restriction Policies > Additional Rules > New Path Rule: *.dsb = Disallowed
User awareness training
allTrain users to avoid opening DSB files from untrusted sources
🧯 If You Can't Patch
- Implement application whitelisting to only allow trusted applications
- Use email/web gateways to block DSB file attachments and downloads
🔍 How to Verify
Check if Vulnerable:
Check DASYLab version against patched versions in NI advisory. All versions are vulnerable unless patched.Check Version:
Check Help > About in DASYLab application or review installed programs in Control PanelVerify Fix Applied:
Verify DASYLab version matches or exceeds patched version listed in NI security advisory.📡 Detection & Monitoring
Log Indicators:
- Unexpected DASYLab crashes
- Process creation from DASYLab with unusual command lines
- DSB file access from untrusted locations
Network Indicators:
- Outbound connections from DASYLab process to unknown IPs
- DNS requests for suspicious domains from DASYLab
SIEM Query:
Process Creation where Image contains 'dasylab' AND CommandLine contains '.dsb'