CVE-2025-9175

A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used.

CVSS v3 5.3 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 3.1 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://magnificent-dill-351.notion.site/Stack-Overflow-in-shc-4-0-3-249c693918ed804b8c44ee11eb0af087	Broken Link
https://vuldb.com/?ctiid.320556	Permissions Required VDB Entry
https://vuldb.com/?id.320556	Third Party Advisory VDB Entry
https://vuldb.com/?submit.630743	Third Party Advisory VDB Entry
https://magnificent-dill-351.notion.site/Stack-Overflow-in-shc-4-0-3-249c693918ed804b8c44ee11eb0af087	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:neurobin:shc:*:*:*:*:*:*:*:*

History

11 Sep 2025, 19:19

Type	Values Removed	Values Added
CWE		CWE-787
First Time		Neurobin Neurobin shc
CPE		cpe:2.3:a:neurobin:shc::::::::
References	~~() https://magnificent-dill-351.notion.site/Stack-Overflow-in-shc-4-0-3-249c693918ed804b8c44ee11eb0af087 -~~	() https://magnificent-dill-351.notion.site/Stack-Overflow-in-shc-4-0-3-249c693918ed804b8c44ee11eb0af087 - Broken Link
References	~~() https://vuldb.com/?ctiid.320556 -~~	() https://vuldb.com/?ctiid.320556 - Permissions Required, VDB Entry
References	~~() https://vuldb.com/?id.320556 -~~	() https://vuldb.com/?id.320556 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?submit.630743 -~~	() https://vuldb.com/?submit.630743 - Third Party Advisory, VDB Entry

20 Aug 2025, 16:15

Type	Values Removed	Values Added
References	~~() https://magnificent-dill-351.notion.site/Stack-Overflow-in-shc-4-0-3-249c693918ed804b8c44ee11eb0af087 -~~	() https://magnificent-dill-351.notion.site/Stack-Overflow-in-shc-4-0-3-249c693918ed804b8c44ee11eb0af087 -

20 Aug 2025, 14:39

Type	Values Removed	Values Added
Summary		(es) Se identificó una vulnerabilidad en neurobin shc hasta la versión 4.0.3. Este problema afecta a la función make del archivo src/shc.c. La manipulación provoca un desbordamiento del búfer en la pila. El ataque solo puede ejecutarse desde un entorno local. Se ha hecho público el exploit y puede que sea utilizado.

19 Aug 2025, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-19 23:15

Updated : 2025-09-11 19:19

NVD link : CVE-2025-9175

Mitre link : CVE-2025-9175

CVE.ORG link : CVE-2025-9175

JSON object : View

Products Affected

neurobin

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write

5.3 /10