Description
Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during registration, and trigger a denial of service condition that crashes the application.
Published: 2026-03-21
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service (application crash)
Action: Apply Patch
AI Analysis

Impact

The vulnerability is a buffer overflow in the Serial Code registration field of Magic Iso Maker 5.5 build 281, allowing local attackers to submit an oversized 5000‑byte input that causes the application to crash, leading to a denial of service. This weakness is classified as CWE-787, a classic buffer overflow that can be triggered by user‑supplied data during registration.

Affected Systems

Magic Iso Maker version 5.5 (build 281) from the vendor Magiciso is affected. The CPE string confirms this single product and version.

Risk and Exploitability

The CVSS score is 6.9, indicating moderate severity. The EPSS score is not available, and the vulnerability is not listed in CISA’s KEV catalog. Exploitation requires local access to the machine; an attacker needs to manually craft a file with 5000 bytes and paste it into the Serial Code field during registration to trigger the crash. No remote code execution or privilege escalation is possible based on the information provided.

Generated by OpenCVE AI on March 21, 2026 at 14:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any available patch or upgrade to a newer version of Magic Iso Maker.
  • If a patch is unavailable, avoid using the Serial Code registration feature or consider disabling it in the application settings.
  • If the functionality is not required, uninstall Magic Iso Maker to eliminate the vulnerable code.

Generated by OpenCVE AI on March 21, 2026 at 14:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 23 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Sat, 21 Mar 2026 13:00:00 +0000

Type Values Removed Values Added
Description Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during registration, and trigger a denial of service condition that crashes the application.
Title Magic Iso Maker 5.5 Buffer Overflow Denial of Service
First Time appeared Magiciso
Magiciso magic Iso Maker
Weaknesses CWE-787
CPEs cpe:2.3:a:magiciso:magic_iso_maker:5.5:*:*:*:*:*:*:*
Vendors & Products Magiciso
Magiciso magic Iso Maker
References
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Magiciso Magic Iso Maker
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-23T16:23:36.384Z

Reserved: 2026-03-21T12:34:41.825Z

Link: CVE-2019-25565

cve-icon Vulnrichment

Updated: 2026-03-23T16:23:32.751Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-21T13:16:19.900

Modified: 2026-03-23T14:31:37.267

Link: CVE-2019-25565

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T14:47:18Z

Weaknesses