Home / Vulnerability Intelligence / CVE-2019-25631

CVE-2019-25631 - Vulnerability Analysis

HighCVSS: 8.4

Last Updated: March 24, 2026

AIDA64 Business - Remote Code Execution

Published: March 24, 2026Updated: March 24, 2026

Overview

AIDA64 Business 5.99.4900 contains a buffer overflow caused by overwriting SEH pointers via SMTP display name field in preferences or report wizard, letting local attackers execute arbitrary code with application privileges, exploit requires local access.

Severity & Score

Severity: High

CVSS Score: 8.4

Impact

Local attackers can execute arbitrary code with application privileges, potentially leading to full system compromise.

Mitigation

Update to the latest version of AIDA64 Business.

References

https://www.aida64.com
https://www.aida64.com/downloads
https://www.exploit-db.com/exploits/46639
https://www.vulncheck.com/advisories/aida64-business-seh-buffer-overflow-via-egghunter

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2019-25631
Severity: High
CVSS Score: 8.4
Type: buffer_overflow
Status: new

CWE

CWE-787

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H