Cyber Resilience

CVE-2018-25261

HighPublic PoC

Published: 22 April 2026

Published
22 April 2026
Modified
29 April 2026
KEV Added
Patch
CVSS Score v4 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0021 10.5th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2018-25261 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Entersrl Iperius Backup. Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2018-25261 is a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism of Iperius Backup version 5.8.1. The flaw allows local attackers to execute arbitrary code by supplying a malicious file path, specifically through a crafted payload in the external file location field of a backup job. This triggers the buffer overflow when the backup job executes, with impacts rated at CVSS 3.1 score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and mapped to CWE-787 (Out-of-bounds Write).

Local attackers with access to the system, requiring no privileges (PR:N), can exploit this by creating a backup job configured with the malicious payload. Upon job execution, the buffer overflow enables arbitrary code execution under the privileges of the Iperius Backup application, potentially leading to full system compromise if the application runs with elevated rights.

Advisories and related resources include a detailed exploit on Exploit-DB (https://www.exploit-db.com/exploits/46059), the vendor site (https://www.iperiusbackup.com), and a Vulncheck advisory (https://www.vulncheck.com/advisories/iperius-backup-local-buffer-overflow-seh), which document the issue but do not specify patches in the provided details.

EU & UK References

Vulnerability details

Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload…

more

in the external file location field that triggers a buffer overflow when the backup job executes, enabling code execution with application privileges.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local SEH buffer overflow enables arbitrary code execution for privilege escalation on the host.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2016-20044Shared CWE-787
CVE-2026-23326Shared CWE-787
CVE-2024-43077Shared CWE-787
CVE-2024-53697Shared CWE-787
CVE-2025-20890Shared CWE-787
CVE-2026-23073Shared CWE-787
CVE-2025-20708Shared CWE-787
CVE-2025-1471Shared CWE-787
CVE-2024-35273Shared CWE-787
CVE-2022-49062Shared CWE-787

Affected Assets

entersrl
iperius backup
5.8.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly validates untrusted inputs like malicious file paths in backup job configurations to prevent buffer overflows.

prevent

Implements memory protections such as DEP and ASLR to block arbitrary code execution from SEH buffer overflow exploits.

prevent

Mandates identification, reporting, and timely patching of flaws like this specific buffer overflow vulnerability.

References