Description
AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display name field and Load from file parameter to trigger the overflow and execute shellcode with application privileges.
Published: 2026-03-24
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Execution of arbitrary code via local input
Action: Patch
AI Analysis

Impact

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow that allows a local attacker to supply crafted input through the email preferences and report wizard interfaces. The vulnerability is a classic out‑of‑bounds write (CWE‑787) which, when triggered by placing data in the Display name field or Load from file parameter, overwrites a SEH record and transfers execution to injected shellcode. This provides the attacker with the application’s privileges, potentially compromising the confidentiality, integrity, and availability of the affected system.

Affected Systems

The flaw affects Aida64’s Extreme edition, specifically version 5.99.4900. Users running this build are vulnerable when using the email preferences or report wizard features; no other versions or product variants are listed, so newer releases or unrelated products are presumed unaffected.

Risk and Exploitability

The CVSS v4.0 score of 8.6 marks the issue as high severity, while the EPSS score of less than 1% indicates a low probability of exploitation in the wild. The vulnerability is not in CISA’s KEV catalog. The attack vector requires local access and the ability to interact with the application’s privileged interfaces. If a local attacker can provide malicious input, the SEH overwrite can be triggered, leading to arbitrary code execution within the process context.

Generated by OpenCVE AI on March 26, 2026 at 17:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Aida64 Extreme to the latest version that addresses the SEH buffer overflow.
  • If an upgrade is not immediately possible, disable the email preferences and report wizard features to eliminate the input vectors.
  • Restrict the application’s privileges using the principle of least privilege so that any code executed remains constrained to its intended scope.



Advisories

No advisories yet.

History

Thu, 26 Mar 2026 16:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Aida64 aida64 |
| CPEs | | cpe:2.3:a:aida64:aida64:5.99.4900:*:*:*:extreme:*:*:* |
| Vendors & Products | | Aida64 aida64 |

Wed, 25 Mar 2026 12:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Aida64, Aida64 aida64 Extreme |
| Vendors & Products | | Aida64, Aida64 aida64 Extreme |

Tue, 24 Mar 2026 13:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Tue, 24 Mar 2026 11:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display name field and Load from file parameter to trigger the overflow and execute shellcode with application privileges. |
| Title | | AIDA64 Extreme 5.99.4900 SEH Buffer Overflow via EggHunter |
| Weaknesses | | CWE-787 |
| References | | |
| Metrics | | cvssV3_1: {'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'} |
| Metrics | | cvssV4_0: {'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'} |


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-24T13:08:55.859Z

Reserved: 2026-03-24T11:02:35.099Z

Link: CVE-2019-25633

Vulnrichment

Updated: 2026-03-24T13:08:48.238Z

NVD

Status: Analyzed

Published: 2026-03-24T12:16:03.797

Modified: 2026-03-26T16:40:24.967

Link: CVE-2019-25633

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T09:21:10Z

Weaknesses