CVE-2023-54328

6.5 MEDIUM

📋 TL;DR

AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that allows attackers to crash the application via a 7000-byte payload. This could potentially lead to denial of service or further exploitation of the registration mechanism. Users running this specific version of the software are affected.

💻 Affected Systems

Products:
  • AimOne Video Converter
Versions: 2.04 Build 103
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is in the registration form component; requires user interaction to trigger

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise if the buffer overflow can be weaponized beyond DoS
🟠 Likely Case: Application crash causing denial of service and potential data loss in active conversion sessions
🟢 If Mitigated: Application instability or crashes without system compromise if proper memory protections are in place

🌐 Internet-Facing: LOW (software typically runs locally, not as a network service)
🏢 Internal Only: MEDIUM (requires user interaction with registration form, but could be triggered via social engineering)

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available on ExploitDB and GitHub; requires user to input malicious payload in registration form

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No vendor advisory available (vendor website appears defunct)

Restart Required: No

Instructions:

No official patch available. Consider upgrading to alternative video conversion software.

🔧 Temporary Workarounds

  • Disable Registration Form (Windows): Prevent access to the vulnerable registration form component
  • Network Segmentation (all platforms): Isolate systems running vulnerable software from critical networks

🧯 If You Can't Patch

  • Uninstall AimOne Video Converter 2.04 Build 103 and replace with alternative software
  • Implement application whitelisting to prevent execution of potentially exploited binaries

🔍 How to Verify

Check if Vulnerable:

Check Help > About menu for version information; if version is 2.04 Build 103, system is vulnerable

Check Version:

Check via GUI: Help > About in AimOne Video Converter

Verify Fix Applied:

Verify software has been uninstalled or replaced with alternative video converter

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs from AimOne Video Converter
  • Unexpected termination events in Windows Event Logs

Network Indicators:

  • No network indicators (local vulnerability)

SIEM Query:

(EventID=1000 OR EventID=1001) AND ProcessName="AimOne Video Converter.exe"
