Cyber Posture

CVE-2019-25629

HighPublic PoC

Published: 24 March 2026

Published
24 March 2026
Modified
27 March 2026
KEV Added
Patch
CVSS Score 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 4.0th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2019-25629 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Aida64 Aida64. Its CVSS base score is 8.4 (High).

Operationally, ranked at the 4.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
preventrecover

Flaw remediation directly addresses the buffer overflow vulnerability in AIDA64 Extreme by requiring timely patching or removal of the affected software version.

SI-10 Information Input Validation good match
prevent

Information input validation enforces bounds checking on CSV log file paths in the logging functionality, preventing the out-of-bounds write and shellcode injection.

SI-16 Memory Protection partial match
prevent

Memory protection mechanisms such as DEP and ASLR mitigate arbitrary code execution from the SEH buffer overflow even if the input validation flaw exists.

NVD Description

AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicious CSV log file path. Attackers can inject shellcode through the Hardware Monitoring logging…

more

preferences to overflow the buffer and trigger code execution when the application processes the log file path.

Deeper analysisAI

AIDA64 Extreme version 5.99.4900 contains a structured exception handler buffer overflow vulnerability in its logging functionality, tracked as CVE-2019-25629 and mapped to CWE-787 (Out-of-bounds Write). This flaw affects the application's processing of CSV log file paths, particularly through the Hardware Monitoring logging preferences, where insufficient bounds checking allows buffer overflows.

Local attackers can exploit this vulnerability with low complexity and no user interaction or privileges required, as indicated by its CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). By supplying a malicious CSV log file path containing injected shellcode, an attacker triggers the overflow during log file path processing, enabling arbitrary code execution with high impacts on confidentiality, integrity, and availability.

Advisories and related resources include a Vulncheck advisory detailing the SEH buffer overflow via logging at https://www.vulncheck.com/advisories/aida64-extreme-seh-buffer-overflow-via-logging, an Exploit-DB proof-of-concept at https://www.exploit-db.com/exploits/46660, the vendor site at https://www.aida64.com, and a download link for the affected version at http://download.aida64.com/aida64extreme599.exe. Security practitioners should review these for mitigation guidance and updates, as no patch details are specified in the CVE description. A public exploit underscores the need for immediate upgrades where possible.

Details

CWE(s)
CWE-787

Affected Products

aida64
aida64
5.99.4900

CVEs Like This One

CVE-2019-25631Same product: Aida64 Aida64
CVE-2019-25633Same product: Aida64 Aida64
CVE-2019-25360Same product: Aida64 Aida64
CVE-2025-20890Shared CWE-787
CVE-2019-25681Shared CWE-787
CVE-2026-23715Shared CWE-787
CVE-2025-21161Shared CWE-787
CVE-2026-21327Shared CWE-787
CVE-2025-21042Shared CWE-787
CVE-2026-3094Shared CWE-787

References