You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-7223
About this tag
The tag cve-2025-7223 covers a remote code execution vulnerability disclosed in INVT VT-Designer and HMITool, two engineering and HMI utilities used in industrial and building automation. The flaw, part of a cluster of CVEs, involves file-parsing logic that can lead to out-of-bounds writes and type-confusion when a user opens a crafted project or VPM file. This can allow arbitrary code execution in the context of the application process. The vulnerability is significant because these tools are commonly deployed on Windows engineering stations and operator workstations in ICS environments. Discussions on WindowsForum.com focus on mitigation strategies for affected systems.
INVT’s VT‑Designer and HMITool — two engineering and HMI utilities widely used in industrial and building automation environments — are the subject of a coordinated vulnerability disclosure that assigns multiple high‑severity remote code execution (RCE) flaws to file‑parsing logic in both...