CVE-2018-25263

Severity: High · Public PoC

Published: 26 April 2026

Modified: 27 April 2026
KEV Added: not listed
Patch: none referenced
CVSS Score (v4.0): 8.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0015 (4.3rd percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2018-25263 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Faleemi Desktop Software (inferred from references). Its CVSS base score is 8.6 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 4.3rd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2018-25263 is a local buffer overflow vulnerability (CWE-120) affecting Faleemi Desktop Software version 1.8.2, specifically in the Device alias field within the Managing Log interface. The flaw enables a structured exception handler (SEH) overwrite when a malicious payload is pasted into the field, as documented in the CVE description published on 2026-04-26. It carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting high impact on confidentiality, integrity, and availability.

Local attackers with access to the affected system can exploit this vulnerability by crafting a malicious payload and pasting it into the Device alias field, triggering the SEH overwrite to achieve arbitrary code execution. A proof-of-concept demonstrates successful launch of the calculator application, confirming arbitrary code execution under local attack conditions with low complexity and no required privileges.

Advisories and related resources include a VulnCheck advisory at https://www.vulncheck.com/advisories/faleemi-desktop-software-local-buffer-overflow-seh, an Exploit-DB entry with a public exploit at https://www.exploit-db.com/exploits/45492, and the vulnerable software download at http://support.faleemi.com/fsc776/Faleemi_v1.8.exe. No specific patch or mitigation guidance is detailed in the provided CVE information.

Vulnerability details

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log interface to execute arbitrary code, with calculator proof-of-concept execution.

CWE(s)

CWE-120 Classic Buffer Overflow

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-assigned mapping)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local buffer overflow with SEH overwrite directly enables arbitrary code execution on the host, mapping to exploitation for privilege escalation (or initial code execution under local access conditions).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2018-25299 (shared CWE-120)
CVE-2026-1679 (shared CWE-120)
CVE-2026-28925 (shared CWE-120)
CVE-2018-9387 (shared CWE-120)
CVE-2025-71263 (shared CWE-120)
CVE-2020-37049 (shared CWE-120)
CVE-2025-47388 (shared CWE-120)
CVE-2022-49754 (shared CWE-120)
CVE-2025-49495 (shared CWE-120)
CVE-2025-47389 (shared CWE-120)

Affected Assets

Faleemi Desktop Software (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5, AI-assigned mapping)

prevent: SI-10 (Information Input Validation). Validates and sanitizes inputs to the Device alias field to prevent buffer overflows from malicious payloads pasted in the Managing Log interface.

prevent: SI-16 (Memory Protection). Enforces memory protections such as DEP and ASLR to block SEH overwrite and arbitrary code execution from buffer overflows.

prevent: Directs timely remediation of the identified buffer overflow flaw in Faleemi Desktop Software version 1.8.2.

References