How to fix CVE-2019-25360?

Within 24 hours: identify all Aida64 Engineer 6.10.5200 installations and isolate them from production networks; disable CSV logging feature immediately. Within 7 days: evaluate migration to alternative monitoring tools or isolated test environments only; implement network segmentation to restrict access. Within 30 days: upgrade to patched version when available or execute full decommissioning plan; conduct forensic analysis for breach indicators.

Is Stack Overflow affected by CVE-2019-25360?

Aida64 Engineer 6.10.5200 contains a critical remote code execution vulnerability affecting all deployed instances. Attackers can exploit CSV logging configurations to execute arbitrary code without authentication, potentially compromising system integrity and sensitive data across affected…

CVE-2019-25360

HIGH

2026-02-18 [email protected]

8.4

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

PoC Detected

Mar 27, 2026 - 16:57 vuln.today

Public exploit code

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 18, 2026 - 22:16 nvd

HIGH 8.4

Description

Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. Attackers can exploit the vulnerability by creating a malformed log file with carefully constructed SEH (Structured Exception Handler) overwrite techniques to achieve remote code execution.

Analysis

Technical Context

Classified as CWE-121 (Stack-based Buffer Overflow). Affects CSV logging configuration. Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. Attackers can exploit the vulnerability by creating a malformed log file with carefully constructed SEH (Structured Exception Handler) overwrite techniques to achieve remote code execution.

Affected Products

Product: CSV logging configuration.

Remediation

Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +42

POC: +20

CVE-2019-25360 vulnerability details – vuln.today

Back

CVE-2019-25360

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2019-25360

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code