Cyber Resilience

CVE-2019-25434

MediumPublic PoC

Published: 20 February 2026

Published
20 February 2026
Modified
05 March 2026
KEV Added
Patch
CVSS Score v4 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0015 35.9th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2019-25434 is a medium-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Nsasoft Spotauditor. Its CVSS base score is 6.7 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 35.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2019-25434 is a denial of service vulnerability affecting SpotAuditor version 5.3.1.0. The flaw stems from the application's inadequate handling of excessive input in the registration name field, where submitting a large string of characters—5000 bytes or more—triggers an unhandled exception that crashes the application. This issue aligns with CWE-121 (stack-based buffer overflow) and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its high impact on availability.

Unauthenticated attackers with network access can exploit this vulnerability remotely and with low complexity, requiring no privileges or user interaction. By entering oversized data into the registration name field, they can reliably cause the SpotAuditor application to crash, resulting in a denial of service condition that disrupts functionality for legitimate users.

Advisories and references, including the vendor site at http://www.nsauditor.com, an Exploit-DB proof-of-concept at https://www.exploit-db.com/exploits/47494, and a VulnCheck advisory at https://www.vulncheck.com/advisories/spotauditor-denial-of-service-via-registration-name-field, document the vulnerability but do not specify patches or detailed mitigation steps in the provided information. Security practitioners should verify updates from the vendor and consider input validation or restricting registration access as interim measures.

EU & UK References

Vulnerability details

SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name…

more

field during registration to trigger an unhandled exception that crashes the application.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Direct stack-based buffer overflow in application input field enables remote Endpoint DoS via Application or System Exploitation (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2019-25340Same product: Nsasoft Spotauditor
CVE-2019-25336Same product: Nsasoft Spotauditor
CVE-2020-37200Same vendor: Nsasoft
CVE-2020-37205Same vendor: Nsasoft
CVE-2020-37208Same vendor: Nsasoft
CVE-2021-47815Same vendor: Nsasoft
CVE-2020-37204Same vendor: Nsasoft
CVE-2020-37211Same vendor: Nsasoft
CVE-2020-37209Same vendor: Nsasoft
CVE-2020-37199Same vendor: Nsasoft

Affected Assets

nsasoft
spotauditor
≤ 5.3.1.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly validates the length and format of registration name field inputs to reject excessive data and prevent the unhandled exception crash.

prevent

Ensures graceful handling of errors and exceptions from oversized inputs without compromising system availability or causing application crashes.

prevent

Implements protections to limit the effects of denial-of-service attacks exploiting inadequate input handling in the registration process.

References