CVE-2025-34123

A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue occurs due to improper handling of user-supplied data in the XML 'Name' attribute, leading to an SEH overwrite condition. An attacker can exploit this vulnerability by convincing a user to open a malicious .VSC file, resulting in arbitrary code execution under the context of the user.

CVSS

No CVSS.

References

Link	Resource
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/videocharge_studio.rb
https://www.exploit-db.com/exploits/29234
https://www.vulncheck.com/advisories/video-charge-studio-seh-buffer-overflow

Configurations

No configuration.

History

17 Jul 2025, 21:15

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de desbordamiento de búfer en la pila en VideoCharge Studio 2.12.3.685 al procesar un archivo de configuración .VSC especialmente manipulado. El problema se produce debido a la gestión incorrecta de los datos proporcionados por el usuario en el atributo XML "Nombre", lo que provoca una condición de sobrescritura de SEH. Un atacante puede explotar esta vulnerabilidad convenciendo a un usuario para que abra un archivo .VSC malicioso, lo que provoca la ejecución de código arbitrario en el contexto del usuario.

16 Jul 2025, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-16 21:15

Updated : 2025-07-17 21:15

NVD link : CVE-2025-34123

Mitre link : CVE-2025-34123

CVE.ORG link : CVE-2025-34123

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2025-34123", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-16T21:15:27.227", "references": [{"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/videocharge_studio.rb", "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/29234", "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/video-charge-studio-seh-buffer-overflow", "source": "disclosure@vulncheck.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-94"}, {"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue occurs due to improper handling of user-supplied data in the XML 'Name' attribute, leading to an SEH overwrite condition. An attacker can exploit this vulnerability by convincing a user to open a malicious .VSC file, resulting in arbitrary code execution under the context of the user."}, {"lang": "es", "value": "Existe una vulnerabilidad de desbordamiento de b\u00fafer en la pila en VideoCharge Studio 2.12.3.685 al procesar un archivo de configuraci\u00f3n .VSC especialmente manipulado. El problema se produce debido a la gesti\u00f3n incorrecta de los datos proporcionados por el usuario en el atributo XML \"Nombre\", lo que provoca una condici\u00f3n de sobrescritura de SEH. Un atacante puede explotar esta vulnerabilidad convenciendo a un usuario para que abra un archivo .VSC malicioso, lo que provoca la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario."}], "lastModified": "2025-07-17T21:15:50.197", "sourceIdentifier": "disclosure@vulncheck.com"}