CVE-2025-7254: 
IrfanView vulnerability analysis and mitigation

IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability (CVE-2025-7254) was discovered and reported on February 11, 2025. This vulnerability affects IrfanView CADImage Plugin installations and allows remote attackers to execute arbitrary code. The vulnerability was publicly disclosed on July 8, 2025, and affects versions up to (excluding) 15.0.0.8 for both x64 and x86 architectures (Zero Day Initiative).

The vulnerability exists within the parsing of DXF files and stems from improper validation of user-supplied data, resulting in a memory corruption condition (CWE-119). The vulnerability has received a CVSS v3.0 base score of 7.8 (HIGH) with the vector string CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. User interaction is required to exploit this vulnerability, specifically requiring the target to visit a malicious page or open a malicious file (Zero Day Initiative).

If successfully exploited, this vulnerability allows attackers to execute arbitrary code in the context of the current process, potentially leading to complete system compromise. The high CVSS score indicates severe potential impacts on confidentiality, integrity, and availability of the affected system (Zero Day Initiative).

The vulnerability has been fixed in IrfanView CADImage Plugin version 4.72. Users are advised to update to this version or later to mitigate the risk (Zero Day Initiative).