Description
Base64 Decoder 1.1.2 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input file that overflows a buffer, overwrites the SEH chain with a POP-POP-RET gadget address, and uses an egghunter payload to locate and execute shellcode for code execution.
Published: 2026-03-24
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Code Execution
Action: Apply Patch
AI Analysis

Impact

This vulnerability is a stack based buffer overflow in Base64 Decoder 1.1.2 that permits local attackers to overwrite the Structured Exception Handler. By crafting a malicious input file the attacker can trigger an SEH overwrite, use a POP‑POP‑RET gadget and an egghunter shellcode to execute arbitrary code on the affected host.

Affected Systems

The faulty software is the Base64 Decoder from 4Mhz, version 1.1.2. No additional vendor or product variants are listed within the CVE data.

Risk and Exploitability

The CVSS score of 8.6 signifies high severity. EPSS data is not available and the CVE is not present in the CISA KEV catalog, suggesting the vulnerability is not widely exploited yet. Exploitation requires local access to supply a crafted input file to the decoder; thus the attack vector is local and the consequences are full code execution on the machine hosting the application.

Generated by OpenCVE AI on March 24, 2026 at 12:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the latest official release of Base64 Decoder, or install any vendor‑supplied patch for version 1.1.2.
  • If the decoder is not required, uninstall or disable it to eliminate the attack surface.
  • Restrict the permissions on directories that accept files for decoding so only trusted users can place files that will be processed by the vulnerable executable.
  • Monitor the system for anomalous SEH overwrite attempts or unexpected shellcode execution.
  • Apply general least‑privilege and secure file‑handling practices to limit damage from potential local attacks.

Generated by OpenCVE AI on March 24, 2026 at 12:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:4mhz:base64_decoder:1.1.2:*:*:*:*:*:*:*

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared 4mhz
4mhz base64 Decoder
Vendors & Products 4mhz
4mhz base64 Decoder

Tue, 24 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 11:45:00 +0000

Type Values Removed Values Added
Description Base64 Decoder 1.1.2 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input file that overflows a buffer, overwrites the SEH chain with a POP-POP-RET gadget address, and uses an egghunter payload to locate and execute shellcode for code execution.
Title Base64 Decoder 1.1.2 Local Buffer Overflow SEH Egghunter
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

4mhz Base64 Decoder
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-24T13:48:49.934Z

Reserved: 2026-03-24T11:02:46.887Z

Link: CVE-2019-25634

cve-icon Vulnrichment

Updated: 2026-03-24T13:48:32.892Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-24T12:16:04.000

Modified: 2026-06-03T18:44:27.053

Link: CVE-2019-25634

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T20:39:37Z

Weaknesses