Cyber Resilience

CVE-2018-25212

HighPublic PoC

Published: 26 March 2026

Published
26 March 2026
Modified
31 March 2026
KEV Added
Patch
CVSS Score v4 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0021 10.6th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2018-25212 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Boxoft Wav To Wma Converter. Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2018-25212 is a local buffer overflow vulnerability (CWE-787) in Boxoft WAV-WMA Converter 1.0 on Windows systems. The issue occurs in the structured exception handling (SEH) mechanism, where processing a specially crafted WAV file with excessive data overwrites the SEH chain, enabling attackers to incorporate ROP gadgets for arbitrary code execution.

A local attacker can exploit this vulnerability with low attack complexity, no privileges, and no user interaction required, as indicated by its CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). By crafting a malicious WAV file and having it processed by the converter, the attacker achieves full control over the application, potentially leading to system compromise through code execution.

Advisories, including those from VulnCheck, describe the SEH buffer overflow in detail, while an exploit is publicly available on Exploit-DB (ID 44989). The vendor product page at boxoft.com/wav-to-wma provides no specific patch or mitigation guidance in the referenced materials.

EU & UK References

Vulnerability details

Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets…

more

to overwrite the SEH chain and achieve code execution on Windows systems.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
Why these techniques?

Local SEH buffer overflow with ROP enables arbitrary code execution from a crafted file, directly mapping to exploitation for privilege escalation (T1068) and client-side code execution (T1203).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2019-25650Shared CWE-787
CVE-2026-8569Shared CWE-787
CVE-2026-31607Shared CWE-787
CVE-2025-20881Shared CWE-787
CVE-2026-8915Shared CWE-787
CVE-2026-47314Shared CWE-787
CVE-2026-6314Shared CWE-787
CVE-2016-20037Shared CWE-787
CVE-2024-54523Shared CWE-787
CVE-2026-9967Shared CWE-787

Affected Assets

boxoft
wav to wma converter
1.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely remediation of the buffer overflow flaw in Boxoft WAV-WMA Converter through patching, updates, or removal to eliminate the vulnerability.

prevent

Implements memory protections such as DEP and ASLR that directly mitigate SEH chain overwrites and ROP exploitation in this buffer overflow.

prevent

Enforces input validation for WAV files to block excessive or malformed data that triggers the buffer overflow during processing.

References