CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-25679

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.8%

CVSS Severity

CVSS v3 Score 7.8

References

https://realterm.sourceforge.io/
https://sourceforge.net/projects/realterm/files/
https://www.exploit-db.com/exploits/46441
https://www.vulncheck.com/advisories/realterm-serial-terminal-buffer-overflow-seh

Products affected by CVE-2019-25679

Crun » Realterm » Version: 2.0.0.70

cpe:2.3:a:crun:realterm:2.0.0.70

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-25679

Products

Pricing

Contact Us