CVE-2019-25360

Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. Attackers can exploit the vulnerability by creating a malformed log file with carefully constructed SEH (Structured Exception Handler) overwrite techniques to achieve remote code execution.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.aida64.com	Product
https://www.aida64.com/downloads/OTAwMmVmNTE=	Product
https://www.exploit-db.com/exploits/47574	Exploit Third Party Advisory VDB Entry
https://www.vulncheck.com/advisories/aida-buffer-overflow	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:aida64:aida64:6.10.5200:*:*:*:engineer:*:*:*

History

27 Mar 2026, 16:57

Type	Values Removed	Values Added
References	~~() https://www.aida64.com -~~	() https://www.aida64.com - Product
References	~~() https://www.aida64.com/downloads/OTAwMmVmNTE= -~~	() https://www.aida64.com/downloads/OTAwMmVmNTE= - Product
References	~~() https://www.exploit-db.com/exploits/47574 -~~	() https://www.exploit-db.com/exploits/47574 - Exploit, Third Party Advisory, VDB Entry
References	~~() https://www.vulncheck.com/advisories/aida-buffer-overflow -~~	() https://www.vulncheck.com/advisories/aida-buffer-overflow - Broken Link
Summary		(es) Aida64 Engineer 6.10.5200 contiene una vulnerabilidad de desbordamiento de búfer en la configuración de registro CSV que permite a los atacantes ejecutar código malicioso mediante la creación de una carga útil especialmente diseñada. Los atacantes pueden explotar la vulnerabilidad creando un archivo de registro malformado con técnicas de sobrescritura de SEH (Structured Exception Handler) cuidadosamente construidas para lograr la ejecución remota de código.
First Time		Aida64 aida64 Aida64
CPE		cpe:2.3:a:aida64:aida64:6.10.5200::::engineer:::

18 Feb 2026, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-18 22:16

Updated : 2026-03-27 16:57

NVD link : CVE-2019-25360

Mitre link : CVE-2019-25360

CVE.ORG link : CVE-2019-25360

JSON object : View

Products Affected

aida64

aida64

CWE

CWE-121

Stack-based Buffer Overflow

9.8 /10