Cyber Resilience

CVE-2019-25670

High · Public PoC

Published: 05 April 2026

Modified: 27 April 2026
KEV Added
Patch
CVSS Score v4: 8.6 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0020 (10.1th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2019-25670 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in River Past Video Cleaner (vendor: River Past Video Cleaner Project). Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 10.1th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2019-25670 is a structured exception handler buffer overflow vulnerability (CWE-787) affecting River Past Video Cleaner version 7.6.3, specifically in the Lame_enc.dll field. Published on 2026-04-05, it carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for complete system compromise through arbitrary code execution.

Local attackers can exploit the vulnerability by supplying a malicious string to the Lame_enc.dll field, crafting a payload with 280 bytes of padding, a next structured exception handler override, and shellcode. When the application processes this input, the buffer overflow is triggered, allowing the attacker to hijack the exception handling and execute the embedded shellcode with the privileges of the running process. No special privileges or user interaction are required beyond local access to the system.

References include the River Past Video Cleaner download page on Softonic, an Exploit-DB entry (46346) with a proof-of-concept exploit, and a VulnCheck advisory describing the buffer overflow via SEH. No patches or specific mitigations are detailed in the available information.

Vulnerability details

River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_enc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception handler override, and shellcode to trigger code execution when the application processes the input.

CWE(s)

CWE-787 Out-of-bounds Write

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1203 Exploitation for Client Execution (Tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
Why these techniques?

A local buffer overflow in a client application (River Past Video Cleaner) directly enables arbitrary code execution via crafted input and an SEH overwrite, matching Exploitation for Client Execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2019-25705 (Shared CWE-787)
CVE-2019-25633 (Shared CWE-787)
CVE-2026-0538 (Shared CWE-787)
CVE-2016-20046 (Shared CWE-787)
CVE-2019-25628 (Shared CWE-787)
CVE-2019-25695 (Shared CWE-787)
CVE-2018-25218 (Shared CWE-787)
CVE-2026-42484 (Shared CWE-787)
CVE-2019-25612 (Shared CWE-787)
CVE-2025-43300 (Shared CWE-787)

Affected Assets

Vendor: river past video cleaner project
Product: river past video cleaner
Versions: ≤ 7.6.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

Prevent: Directly requires identifying, reporting, and correcting the buffer overflow flaw in River Past Video Cleaner, preventing exploitation through patching or software removal.

Prevent: Implements memory safeguards such as DEP, ASLR, and SEH protections that block arbitrary code execution from SEH buffer overflows even if the flaw exists.

Prevent: Mandates validation of malicious strings supplied to the Lame_enc.dll field to block oversized payloads that trigger the buffer overflow.
