CVE-2018-25251
Published: 04 April 2026
Summary
CVE-2018-25251 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Sourceforge (inferred from references). Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 8.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2018-25251 is a buffer overflow vulnerability (CWE-787) affecting Snes9K version 0.0.9z, a Super Nintendo emulator. The flaw resides in the Netplay Socket Port Number field, where input processing fails to adequately bound checks, enabling a structured exception handler (SEH) overwrite. This issue was published on 2026-04-04 and carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting high confidentiality, integrity, and availability impacts.
Local attackers can exploit the vulnerability by crafting a malicious payload and pasting it directly into the Socket Port Number field via the Netplay Options menu. Successful exploitation triggers SEH chain overwrite, allowing arbitrary code execution on the target system with the privileges of the Snes9K process, which requires no special permissions.
Advisories and related resources, including a Vulncheck advisory on the Snes9K 0.0.9z buffer overflow SEH via Netplay Socket, an Exploit-DB entry (45598) with a proof-of-concept, and the Snes9K project page and latest download on SourceForge, document the issue but do not specify patches or mitigations in the provided details.
A public exploit is available on Exploit-DB, indicating active proof-of-concept exploitation potential for unpatched instances of this legacy emulator.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-21754
Vulnerability details
Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number…
more
field via the Netplay Options menu to achieve code execution through SEH chain exploitation.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local buffer overflow with SEH overwrite directly enables arbitrary code execution in a client application (emulator), matching Exploitation for Client Execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires validation of user inputs to the Netplay Socket Port Number field to prevent buffer overflows from malicious payloads.
Implements memory protections such as DEP and ASLR to block SEH chain overwrite exploitation even if invalid input reaches the buffer.
Mandates timely remediation of the known buffer overflow flaw in Snes9K 0.0.9z, such as patching or upgrading the emulator.