CVE-2019-25569
Stack-Based Buffer Overflow in RealTerm 2.0.0.70 Causes DoS
Publication date: 2026-03-21
Last updated on: 2026-03-24
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| crun | realterm | 2.0.0.70 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25569 is a stack-based buffer overflow vulnerability found in RealTerm Serial Terminal version 2.0.0.70 and earlier. It occurs in the Echo Port field of the application where input is not properly bounds-checked.
An attacker can craft a malicious input string consisting of 268 bytes of padding followed by structured exception handler (SEH) overwrite values and paste it into the Port field. This causes corruption of the SEH chain, leading to a crash of the application.
This vulnerability allows local attackers to cause a denial of service by crashing the application through SEH chain corruption.
How can this vulnerability impact me? :
This vulnerability can impact you by causing a denial of service (DoS) condition on the RealTerm Serial Terminal application.
A local attacker can crash the application by exploiting the buffer overflow in the Echo Port field, which corrupts the structured exception handler chain.
This crash disrupts normal operation, potentially causing loss of access to the terminal functionality until the application is restarted.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability can be detected by attempting to reproduce the crash condition locally on the system running RealTerm Serial Terminal version 2.0.0.70 or earlier. Specifically, an attacker or tester can craft a malicious input string consisting of 268 bytes of padding followed by SEH overwrite values and paste it into the Echo Port field's Port input."}, {'type': 'paragraph', 'content': 'A practical detection method involves using the provided proof-of-concept Python script (EchoPort.py) from the exploit details to generate a payload file (EchoPort.txt). This payload can then be pasted into the Port field under the Echo Port tab in RealTerm, with the "Echo On" option checked, and the "Change" button clicked to observe if the application crashes due to SEH chain corruption.'}, {'type': 'paragraph', 'content': 'There are no specific network commands since this is a local vulnerability, but the following steps can be used on the affected system:'}, {'type': 'list_item', 'content': 'Run the EchoPort.py script to generate the malicious payload file.'}, {'type': 'list_item', 'content': 'Open RealTerm Serial Terminal and navigate to the Echo Port tab.'}, {'type': 'list_item', 'content': 'Paste the contents of EchoPort.txt into the Port field.'}, {'type': 'list_item', 'content': 'Ensure "Echo On" is checked and click the "Change" button.'}, {'type': 'paragraph', 'content': 'If the application crashes with SEH chain corruption, the vulnerability is present.'}] [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of the Echo Port field in RealTerm Serial Terminal version 2.0.0.70 or earlier, as this is where the buffer overflow occurs.
Since the vulnerability requires local access and input to the Port field, restricting access to the application and limiting user permissions can reduce the risk.
Additionally, monitor for updates or patches from the vendor and apply them once available.
If possible, upgrade to a newer version of RealTerm that addresses this vulnerability or use alternative software.