Cyber Posture

CVE-2019-25336

Severity: High · Public PoC

Published: 12 February 2026
Modified: 20 February 2026
KEV Added: not listed
Patch: none recorded
CVSS Score: 8.4 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0003 (8.4th percentile)
Risk Priority: 17 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2019-25336 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Nsasoft Spotauditor. Its CVSS base score is 8.4 (High).

Operationally, it is ranked at the 8.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 CM-11 (User-installed Software) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

- Flaw remediation (prevent): directly requires identification, prioritization, and remediation of flaws like the SpotAuditor buffer overflow to eliminate the vulnerability.
- SI-16 Memory Protection (prevent): implements memory safeguards such as DEP and ASLR to prevent arbitrary code execution via SEH overwrite exploits.
- CM-11 User-installed Software (prevent): prevents installation or execution of unapproved user-installed software like vulnerable SpotAuditor, removing the attack surface.

NVD Description

SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system.

Deeper analysis (AI-generated)

SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in its Base64 Encrypted Password tool, classified under CWE-121. This flaw allows attackers to execute arbitrary code by crafting a malicious Base64 encoded payload that triggers a Structured Exception Handler (SEH) overwrite, enabling shellcode execution on the vulnerable system. The vulnerability has a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for complete system compromise.

A local attacker can exploit this vulnerability with low complexity and no privileges or user interaction required. By providing a specially crafted payload to the affected tool, the attacker overwrites the SEH, bypassing basic protections and achieving arbitrary code execution on the target system, potentially leading to full control over confidentiality, integrity, and availability.

Advisories and related resources include a detailed write-up from VulnCheck on the SpotAuditor Base64 local buffer overflow SEH issue, proof-of-concept exploits published on Exploit-DB (IDs 47719 and 47759), and the vendor site at nsauditor.com. No specific patches or mitigations are detailed in the available information, so the practical defense is to avoid running the vulnerable version of SpotAuditor.

Details

CWE(s): CWE-121 (Stack-based Buffer Overflow)

Affected Products: nsasoft spotauditor 5.3.2

CVEs Like This One

- CVE-2019-25340 (same product: Nsasoft Spotauditor)
- CVE-2019-25434 (same product: Nsasoft Spotauditor)
- CVE-2020-37200 (same vendor: Nsasoft)
- CVE-2020-37119 (same vendor: Nsasoft)
- CVE-2020-37207 (same vendor: Nsasoft)
- CVE-2020-37130 (same vendor: Nsasoft)
- CVE-2020-37212 (same vendor: Nsasoft)
- CVE-2018-25213 (same vendor: Nsasoft)
- CVE-2021-47814 (same vendor: Nsasoft)
- CVE-2021-47895 (same vendor: Nsasoft)

References