CVE-2019-25633

HighPublic PoC

Published: 24 March 2026

Published

24 March 2026

Modified

26 March 2026

KEV Added

—

Patch

—

CVSS Score 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0001 0.4th percentile

Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2019-25633 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Aida64 Aida64. Its CVSS base score is 8.4 (High).

Operationally, ranked at the 0.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Flaw remediation directly mitigates this CVE by applying vendor patches to fix the buffer overflow vulnerability in AIDA64 Extreme.

SI-16 Memory Protection good match

prevent

Memory protection safeguards such as DEP and ASLR prevent arbitrary code execution from SEH buffer overflows triggered by crafted inputs.

SI-10 Information Input Validation partial match

prevent

Information input validation enforces bounds checking on user-supplied inputs like Display name and Load from file parameters to mitigate the out-of-bounds write.

NVD Description

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display name…

field and Load from file parameter to trigger the overflow and execute shellcode with application privileges.

Deeper analysisAI

CVE-2019-25633 is a structured exception handling buffer overflow vulnerability in AIDA64 Extreme version 5.99.4900. The flaw resides in the email preferences and report wizard interfaces, where insufficient bounds checking on user-supplied input leads to a buffer overflow condition, classified under CWE-787 (Out-of-bounds Write). It carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Local attackers can exploit this vulnerability without requiring privileges or user interaction by injecting crafted payloads into the Display name field or Load from file parameter. Successful exploitation triggers the SEH overflow, enabling arbitrary code execution in the context of the application with its privileges.

References include an Exploit-DB entry (46636) demonstrating the issue, a Vulncheck advisory detailing the SEH buffer overflow via egghunter technique, the official AIDA64 website, and a download link for the vulnerable AIDA64 Extreme 5.99.4900 executable. Security practitioners should review these for exploit details and verify patching by upgrading to later versions.