{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25679", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-05T13:31:07.337Z", "datePublished": "2026-04-05T20:45:29.972Z", "dateUpdated": "2026-04-06T18:02:53.380Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-05T20:45:29.972Z"}, "datePublic": "2019-02-21T00:00:00.000Z", "title": "RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH", "descriptions": [{"lang": "en", "value": "RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "Realterm", "product": "RealTerm: Serial Terminal", "versions": [{"version": "1.11.2", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.5, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46441", "name": "ExploitDB-46441", "tags": ["exploit"]}, {"url": "https://realterm.sourceforge.io/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://sourceforge.net/projects/realterm/files/", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/realterm-serial-terminal-buffer-overflow-seh"}], "credits": [{"lang": "en", "value": "Matteo Malvica", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25679", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-06T17:56:03.019126Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T18:02:53.380Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25679", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-06T17:56:03.019126Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T17:59:01.192Z"}}], "cna": {"title": "RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH", "credits": [{"lang": "en", "type": "finder", "value": "Matteo Malvica"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Realterm", "product": "RealTerm: Serial Terminal", "versions": [{"status": "affected", "version": "1.11.2"}]}], "datePublic": "2019-02-21T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46441", "name": "ExploitDB-46441", "tags": ["exploit"]}, {"url": "https://realterm.sourceforge.io/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://sourceforge.net/projects/realterm/files/", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/realterm-serial-terminal-buffer-overflow-seh", "name": "VulnCheck Advisory: RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-05T20:45:29.972Z"}}}, "cveMetadata": {"cveId": "CVE-2019-25679", "state": "PUBLISHED", "dateUpdated": "2026-04-06T18:02:53.380Z", "dateReserved": "2026-04-05T13:31:07.337Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-05T20:45:29.972Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked."}], "id": "CVE-2019-25679", "lastModified": "2026-04-07T13:20:35.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-05T21:16:46.127", "references": [{"source": "disclosure@vulncheck.com", "url": "https://realterm.sourceforge.io/"}, {"source": "disclosure@vulncheck.com", "url": "https://sourceforge.net/projects/realterm/files/"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46441"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/realterm-serial-terminal-buffer-overflow-seh"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.11.2"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "RealTerm: Serial Terminal", "source": "cna", "vendor": "Realterm"}, "product": "realterm:_serial_terminal", "vendor": "realterm"}], "analysis": {"en": {"generated_at": "2026-04-05T23:51:20.947352+00:00", "value": {"mitigation_remediation": ["Update RealTerm to any release newer than 2.0.0.70 to address the SEH buffer overflow.", "If updating is not possible, restrict local user privileges or prevent untrusted users from interacting with the Echo Port tab."], "summary": {"action": "Patch immediately", "impact": "Local code execution"}, "threat_synthesis": {"affected_systems": "The affected product is RealTerm Serial Terminal, released by Realterm. Version 2.0.0.70 is vulnerable and no other versions or variants are listed as affected. Users running this specific build on any supported platform face the risk.", "description_and_impact": "A buffer overflow exists in the Structured Exception Handling (SEH) chain of the Echo Port tab of RealTerm Serial Terminal. The flaw allows a local attacker to insert a crafted payload into the Port field and trigger execution by clicking the Change button. By using a POP POP RET gadget chain and shellcode the attacker can gain arbitrary code execution within the context of the running instance. This vulnerability is a classic SEH buffer overflow (CWE-787) that impacts confidentiality, integrity, and the availability of the application if executed.", "risk_and_exploitability": "The CVSS score of 8.5 marks the issue as high severity, and the exploitation requires local privilege because the attacker must have access to the host and be able to run the application. With no EPSS data and absence from the KEV catalog, no widespread exploitation is documented. If exploited, the attacker would execute arbitrary code with the privileges of the user running the application, potentially compromising the entire system. The attack path involves locally injecting a malicious string into the Port field and activating the Change action to trigger the SEH overflow."}}}}, "created": "2026-04-06T20:22:38.439840+00:00", "updated": "2026-04-06T21:48:30.746169+00:00", "vendors": ["realterm", "realterm$PRODUCT$realterm:_serial_terminal"]}