CVE-2019-25357
Published: 18 February 2026
Summary
CVE-2019-25357 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Webgateinc (inferred from references). Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 8.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
Control Center PRO 6.2.9, a product from Webgate Inc., contains a stack-based buffer overflow vulnerability (CWE-121) in the user creation module's username field. This flaw allows attackers to overwrite the Structured Exception Handler (SEH) by submitting a malicious payload exceeding 664 bytes, enabling shellcode injection and potential arbitrary code execution on vulnerable Windows systems. The vulnerability received a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), highlighting its high impact despite requiring local access.
A local attacker with no privileges required can exploit this vulnerability with low complexity and no user interaction. By crafting and submitting an oversized username payload during user creation, the attacker triggers the buffer overflow, gains control over execution flow via SEH overwrite, and executes arbitrary shellcode, potentially leading to full system compromise.
Advisories and references include vendor product pages from Webgate Inc. at http://www.webgateinc.com/wgi/eng/products/list.php?ec_idx1=P610 and its download section, a proof-of-concept exploit published on Exploit-DB at https://www.exploit-db.com/exploits/47645, and a detailed advisory from VulnCheck at https://www.vulncheck.com/advisories/control-center-pro-local-stack-based-bufferoverflow. These resources indicate potential patches or updates via vendor downloads, though specific mitigation steps are outlined in the advisories and exploit details.
An exploit is publicly available on Exploit-DB, demonstrating practical exploitability for local attackers on unpatched systems.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2019-19706
Vulnerability details
Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially…
more
execute arbitrary code on vulnerable Windows systems.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local stack-based buffer overflow with SEH overwrite directly enables arbitrary code execution for privilege escalation on Windows.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Enforces validation of username field inputs to reject oversized payloads exceeding 664 bytes that trigger the stack-based buffer overflow.
Implements memory protections like DEP, ASLR, and stack canaries to block SEH overwrite and shellcode execution from the buffer overflow vulnerability.
Requires timely identification, reporting, and patching of the specific stack-based buffer overflow flaw in the user creation module.