CVE-2019-25340

7.5 HIGH

📋 TL;DR

CVE-2019-25340 is a stack-based buffer overflow vulnerability in SpotAuditor's Base64 decryption feature that allows attackers to cause denial of service by crashing the application. Attackers can exploit this by providing malformed input with 2000 repeated characters in the Base64 Encrypted Password field. This affects SpotAuditor users running vulnerable versions.

💻 Affected Systems

Products:
  • SpotAuditor
Versions: 5.3.2 and likely earlier versions
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the Base64 decryption feature when processing input in the Base64 Encrypted Password field.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete application crash leading to denial of service, potentially disrupting security auditing operations and requiring manual restart of the application.

🟠 Likely Case

Application crash when processing malicious input, requiring restart of SpotAuditor and potential loss of unsaved audit data.

🟢 If Mitigated

No impact if input validation is implemented or vulnerable version is not used.

🌐 Internet-Facing: LOW - SpotAuditor is typically used internally for security auditing and not exposed to the internet.
🏢 Internal Only: MEDIUM - Internal attackers with access to the application could disrupt security auditing operations.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires access to the application interface and ability to input data into the vulnerable field. Proof of concept is publicly available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.3.3 or later

Vendor Advisory: http://www.nsauditor.com/

Restart Required: Yes

Instructions:

1. Download latest version from nsauditor.com.
2. Install over existing installation.
3. Restart the application.

🔧 Temporary Workarounds

Input Validation

windows

Implement input validation to reject Base64 strings longer than expected length

Application Firewall Rules

windows

Restrict network access to SpotAuditor to authorized users only

🧯 If You Can't Patch

  • Restrict access to SpotAuditor to trusted users only
  • Monitor for abnormal application crashes and investigate any instances

🔍 How to Verify

Check if Vulnerable:

Check SpotAuditor version in Help > About menu. If version is 5.3.2 or earlier, it is likely vulnerable.

Check Version:

Check Help > About menu in SpotAuditor GUI

Verify Fix Applied:

Verify version is 5.3.3 or later in Help > About menu. Test Base64 field with various inputs to ensure no crashes.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs
  • Unexpected termination events in Windows Event Log

Network Indicators:

  • Unusual network traffic to/from SpotAuditor if network-enabled

SIEM Query:

(EventID=1000 OR EventID=1001) AND ProcessName="SpotAuditor.exe"
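
The same filter as a local check on a single Windows host, added here as an example and not part of the original advisory or any vendor tooling. It assumes English-locale event text, and the 7-day lookback and 2-crash threshold are arbitrary values to tune.

```powershell
# Added example: find SpotAuditor crash records in the local Application log.
# Event 1000 = Application Error, 1001 = Windows Error Reporting.
$ProcessName = 'SpotAuditor.exe'          # process name from the SIEM query above
$Since       = (Get-Date).AddDays(-7)     # assumption: 7-day lookback
$Threshold   = 2                          # assumption: crashes per day worth a look

$filter = @{
    LogName   = 'Application'
    Id        = 1000, 1001                # both IDs are grouped before the name match
    StartTime = $Since
}

# Get-WinEvent raises an error when nothing matches; treat that as "no crashes".
$crashes = @(
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match [regex]::Escape($ProcessName) } |
        ForEach-Object {
            # Event 1000 text carries "Exception code: 0x..."; 1001 usually does not.
            $code = if ($_.Message -match 'Exception code:\s*(0x[0-9a-fA-F]+)') {
                $Matches[1]
            } else {
                $null
            }
            [pscustomobject]@{
                TimeCreated   = $_.TimeCreated
                Computer      = $_.MachineName
                EventId       = $_.Id
                Provider      = $_.ProviderName
                ExceptionCode = $code
            }
        }
)

if ($crashes.Count -eq 0) {
    Write-Output "No $ProcessName crash events since $Since."
} else {
    $crashes | Sort-Object TimeCreated | Format-Table -AutoSize

    # Repeated crashes on one day are the pattern to investigate.
    $crashes |
        Group-Object { $_.TimeCreated.Date } |
        Where-Object { $_.Count -ge $Threshold } |
        ForEach-Object {
            Write-Warning ("{0} crash events on {1:yyyy-MM-dd}" -f $_.Count, $_.Name)
        }
}
```

Without the parentheses around the two event IDs, most query languages bind AND before OR, so every EventID 1000 record from any process would match.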
