CVE-2018-25255
Published: 04 April 2026
Summary
CVE-2018-25255 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in 10-Strike (inferred from references). Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002). The CVE ranks at the 8.2 percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2018-25255 is a local buffer overflow in 10-Strike LANState version 8.8 that overwrites the structured exception handling (SEH) chain. The flaw is in the software's handling of LSM map files: a specially crafted file with a malicious payload in the ObjCaption parameter can overflow the buffer, overwrite the SEH chain, and lead to arbitrary code execution when the file is opened in the application. It is classified under CWE-787 (Out-of-bounds Write) with a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Local attackers can exploit this vulnerability without requiring privileges by creating a malicious LSM file and tricking a user into opening it within 10-Strike LANState 8.8. Successful exploitation allows the attacker to execute arbitrary shellcode, potentially gaining full control over the affected system with high confidentiality, integrity, and availability impacts.
Advisories and related resources include a VulnCheck advisory detailing the SEH buffer overflow, an Exploit-DB entry (45086) with a proof-of-concept exploit, and vendor pages for 10-Strike LANState downloads and products. No specific patch details are outlined in the provided references.
A public exploit is available on Exploit-DB, indicating potential for real-world local exploitation on unpatched systems running the affected version.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-21762
Vulnerability details
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that overflows the buffer, overwrites the SEH chain, and executes shellcode when the file is opened in the application.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Malicious LSM file opened by user triggers SEH buffer overflow and arbitrary code execution.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
SI-2 requires timely flaw remediation, directly addressing the known buffer overflow vulnerability in 10-Strike LANState by applying vendor patches or updates.
SI-10 mandates information input validation at file parsing points, preventing the buffer overflow from malicious ObjCaption payloads in LSM files.
SI-16 implements memory protection mechanisms like ASLR and DEP that mitigate SEH chain overwrites and arbitrary code execution from buffer overflows.
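As an added illustration of the SI-10 control (not code from 10-Strike or from the referenced advisories), the following Python example triages LSM files for suspicious ObjCaption values before they are opened in the application. It assumes LSM files are INI-style text with one Key=Value pair per line and uses a constructed 256-byte length threshold; the section names in the sample data are also constructed.

```python
import re

# Assumption: LSM map files are INI-style text with "Key=Value" lines. The page
# names the ObjCaption parameter but does not document the file format.
CAPTION_RE = re.compile(rb"^[ \t]*ObjCaption[ \t]*=(.*)$", re.MULTILINE)

# Assumption: constructed triage threshold; the page gives no buffer size.
MAX_CAPTION_LEN = 256


def check_lsm(data, max_len=MAX_CAPTION_LEN):
    """Return one finding per suspicious ObjCaption value in an LSM file body."""
    findings = []
    for match in CAPTION_RE.finditer(data):
        value = match.group(1).rstrip(b"\r")  # tolerate CRLF line endings
        reasons = []
        if len(value) > max_len:
            reasons.append("length %d exceeds %d" % (len(value), max_len))
        # Captions are display labels, so control bytes are unexpected.
        # High bytes are allowed because captions may use a non-ASCII code page.
        if any(b < 0x20 and b != 0x09 for b in value):
            reasons.append("control bytes in caption")
        if reasons:
            line_no = data.count(b"\n", 0, match.start()) + 1
            findings.append(
                {"line": line_no, "length": len(value), "reasons": reasons}
            )
    return findings


# Constructed sample input: one ordinary caption and one oversized caption.
SAMPLE = (
    b"[OBJECT1]\r\n"
    b"ObjCaption=Core switch\r\n"
    b"[OBJECT2]\r\n"
    b"ObjCaption=" + b"A" * 600 + b"\r\n"
)

if __name__ == "__main__":
    for finding in check_lsm(SAMPLE):
        print("line %(line)d: %(reasons)s" % finding)
```

A file that produces findings can be quarantined or reviewed in an isolated environment instead of being opened in LANState 8.8.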