CVE-2019-25569

MEDIUM

RealTerm Serial Terminal 2.0.0.70 SEH Overflow Crash

Title source: cna

Description

RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by corrupting the structured exception handler (SEH) chain. Attackers can craft a malicious input string with 268 bytes of padding followed by SEH overwrite values and paste it into the Port field to cause a denial of service.

Exploits (1)

exploitdb WORKING POC
by Alejandra Sánchez · python · dos · windows
https://www.exploit-db.com/exploits/46391

Scores

CVSS v3 6.2
EPSS 0.0002
EPSS Percentile 4.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-787
Status published
Products (2)
crun/realterm 2.0.0.70
Realterm/RealTerm: Serial Terminal 2.0.0.70
Published Mar 21, 2026
Tracked Since Mar 21, 2026