8.4
Sricam DeviceViewer 3.12.0.1 allows hackers to execute code on your device
CVE-2019-25435
Summary
An attacker who has access to a system running Sricam DeviceViewer 3.12.0.1 can execute unauthorized code on it, potentially causing damage or stealing sensitive information. This is a serious issue, but it can only be exploited by someone who already has authenticated access to your system. You should update to the latest version of Sricam DeviceViewer as soon as possible to fix the problem.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| sricam | deviceviewer | 3.12.0.1 | – |
Original title
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data ...
Original description
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User Management to trigger a stack-based buffer overflow and execute commands via ROP chain gadgets.
NVD CVSS 3.1
7.8
NVD CVSS 4.0
8.4
Vulnerability type
CWE-121
Stack-based Buffer Overflow
- https://www.exploit-db.com/exploits/47477 Exploit VDB Entry
- https://www.sricam.com/ Product
- https://www.vulncheck.com/advisories/sricam-deviceviewer-local-buffer-overflow-d... Third Party Advisory
Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026