Cyber Resilience

CVE-2019-25357

HighPublic PoC

Published: 18 February 2026

Published
18 February 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0019 8.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2019-25357 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Webgateinc (inferred from references). Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 8.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

Control Center PRO 6.2.9, a product from Webgate Inc., contains a stack-based buffer overflow vulnerability (CWE-121) in the user creation module's username field. This flaw allows attackers to overwrite the Structured Exception Handler (SEH) by submitting a malicious payload exceeding 664 bytes, enabling shellcode injection and potential arbitrary code execution on vulnerable Windows systems. The vulnerability received a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), highlighting its high impact despite requiring local access.

A local attacker with no privileges required can exploit this vulnerability with low complexity and no user interaction. By crafting and submitting an oversized username payload during user creation, the attacker triggers the buffer overflow, gains control over execution flow via SEH overwrite, and executes arbitrary shellcode, potentially leading to full system compromise.

Advisories and references include vendor product pages from Webgate Inc. at http://www.webgateinc.com/wgi/eng/products/list.php?ec_idx1=P610 and its download section, a proof-of-concept exploit published on Exploit-DB at https://www.exploit-db.com/exploits/47645, and a detailed advisory from VulnCheck at https://www.vulncheck.com/advisories/control-center-pro-local-stack-based-bufferoverflow. These resources indicate potential patches or updates via vendor downloads, though specific mitigation steps are outlined in the advisories and exploit details.

An exploit is publicly available on Exploit-DB, demonstrating practical exploitability for local attackers on unpatched systems.

EU & UK References

Vulnerability details

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially…

more

execute arbitrary code on vulnerable Windows systems.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local stack-based buffer overflow with SEH overwrite directly enables arbitrary code execution for privilege escalation on Windows.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-70083Shared CWE-121
CVE-2026-32708Shared CWE-121
CVE-2026-44858Shared CWE-121
CVE-2026-39461Shared CWE-121
CVE-2026-24882Shared CWE-121
CVE-2024-10239Shared CWE-121
CVE-2026-43958Shared CWE-121
CVE-2026-44857Shared CWE-121
CVE-2025-24928Shared CWE-121
CVE-2026-23995Shared CWE-121

Affected Assets

Webgateinc
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Enforces validation of username field inputs to reject oversized payloads exceeding 664 bytes that trigger the stack-based buffer overflow.

prevent

Implements memory protections like DEP, ASLR, and stack canaries to block SEH overwrite and shellcode execution from the buffer overflow vulnerability.

prevent

Requires timely identification, reporting, and patching of the specific stack-based buffer overflow flaw in the user creation module.

References