Description
AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicious CSV log file path. Attackers can inject shellcode through the Hardware Monitoring logging preferences to overflow the buffer and trigger code execution when the application processes the log file path.
Published: 2026-03-24
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Code Execution
Action: Patch
AI Analysis

Impact

A structured exception handler buffer overflow exists in the logging functionality of AIDA64 Extreme 5.99.4900. A local attacker can supply a malicious CSV log file path that overflows the buffer when the application processes the Hardware Monitoring logging preferences, allowing injection of shellcode and execution of arbitrary code. This flaw gives the attacker the ability to run code with the privilege level of the affected user, potentially compromising confidentiality, integrity, and availability of the system.

Affected Systems

The vulnerability affects AIDA64 AIDA64 Extreme version 5.99.4900. No other versions are listed as affected.

Risk and Exploitability

The CVSS score of 8.6 indicates a high severity impact, while the EPSS score of less than 1% suggests a low probability of exploitation at this time. The flaw is not included in the CISA KEV catalog, implying no known widespread exploitation. The attack vector is inferred to be local, requiring a malicious log file placed within the application's logging directory. Once the file is processed, the overflow triggers code execution, enabling the attacker to gain elevated privileges or control the application.

Generated by OpenCVE AI on March 27, 2026 at 18:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest AIDA64 Extreme update that addresses the SEH buffer overflow to protect against local code execution.
  • If a patch is not yet available, disable or remove Hardware Monitoring logging functionality to eliminate the overflow trigger.
  • Ensure any suspicious or malformed CSV log files are deleted or quarantined to prevent accidental execution.
  • Monitor the system for unusual log file creation or execution patterns that may indicate exploitation attempts.

Generated by OpenCVE AI on March 27, 2026 at 18:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Aida64 aida64
CPEs cpe:2.3:a:aida64:aida64:5.99.4900:*:*:*:extreme:*:*:*
Vendors & Products Aida64 aida64

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Aida64
Aida64 aida64 Extreme
Vendors & Products Aida64
Aida64 aida64 Extreme

Tue, 24 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 11:45:00 +0000

Type Values Removed Values Added
Description AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicious CSV log file path. Attackers can inject shellcode through the Hardware Monitoring logging preferences to overflow the buffer and trigger code execution when the application processes the log file path.
Title AIDA64 Extreme 5.99.4900 SEH Buffer Overflow via Logging
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Aida64 Aida64 Aida64 Extreme
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-24T15:12:13.799Z

Reserved: 2026-03-24T11:01:02.720Z

Link: CVE-2019-25629

cve-icon Vulnrichment

Updated: 2026-03-24T14:08:29.203Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-24T12:16:02.997

Modified: 2026-03-27T16:59:03.243

Link: CVE-2019-25629

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T20:26:47Z

Weaknesses