Description
RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked.
Published: 2026-04-05
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Local code execution
Action: Patch immediately
AI Analysis

Impact

A buffer overflow exists in the Structured Exception Handling (SEH) chain of the Echo Port tab of RealTerm Serial Terminal. The flaw allows a local attacker to insert a crafted payload into the Port field and trigger execution by clicking the Change button. By using a POP POP RET gadget chain and shellcode the attacker can gain arbitrary code execution within the context of the running instance. This vulnerability is a classic SEH buffer overflow (CWE-787) that impacts confidentiality, integrity, and the availability of the application if executed.

Affected Systems

The affected product is RealTerm Serial Terminal, released by Realterm. Version 2.0.0.70 is vulnerable and no other versions or variants are listed as affected. Users running this specific build on any supported platform face the risk.

Risk and Exploitability

The CVSS score of 8.5 marks the issue as high severity, and the exploitation requires local privilege because the attacker must have access to the host and be able to run the application. With no EPSS data and absence from the KEV catalog, no widespread exploitation is documented. If exploited, the attacker would execute arbitrary code with the privileges of the user running the application, potentially compromising the entire system. The attack path involves locally injecting a malicious string into the Port field and activating the Change action to trigger the SEH overflow.

Generated by OpenCVE AI on April 5, 2026 at 23:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update RealTerm to any release newer than 2.0.0.70 to address the SEH buffer overflow.
  • If updating is not possible, restrict local user privileges or prevent untrusted users from interacting with the Echo Port tab.

Generated by OpenCVE AI on April 5, 2026 at 23:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Crun
Crun realterm
CPEs cpe:2.3:a:crun:realterm:2.0.0.70:*:*:*:*:*:*:*
Vendors & Products Crun
Crun realterm

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Realterm
Realterm realterm: Serial Terminal
Vendors & Products Realterm
Realterm realterm: Serial Terminal

Mon, 06 Apr 2026 20:00:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Sun, 05 Apr 2026 20:45:00 +0000

Type Values Removed Values Added
Description RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked.
Title RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Crun Realterm
Realterm Realterm: Serial Terminal
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-06T18:02:53.380Z

Reserved: 2026-04-05T13:31:07.337Z

Link: CVE-2019-25679

cve-icon Vulnrichment

Updated: 2026-04-06T17:59:01.192Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-05T21:16:46.127

Modified: 2026-04-20T17:48:36.967

Link: CVE-2019-25679

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-06T21:48:30Z

Weaknesses