cbcvebase.
CVE-2025-34123
published 2025-07-16

CVE-2025-34123: A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue…

PriorityP348high8.4CVSS 4.0
AVLACLATNPRNUIAVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
0.46%
36.6th percentile
A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue occurs due to improper handling of user-supplied data in the XML 'Name' attribute, leading to an SEH overwrite condition. An attacker can exploit this vulnerability by convincing a user to open a malicious .VSC file, resulting in arbitrary code execution under the context of the user.

Affected

1 ranges
VendorProductVersion rangeFixed in
videocharge_softwarestudio

Detection & IOCsextracted from sources · hover to see the quote

versionVideoCharge Studio 2.12.3.685
filename.VSC
  • Monitor for VideoCharge Studio processes opening .VSC files from untrusted or external sources, which may trigger a stack-based buffer overflow via a malformed XML 'Name' attribute leading to SEH overwrite.
  • A Metasploit module exists for this vulnerability (windows/fileformat/videocharge_studio), indicating weaponized exploit code is publicly available. Detect use of this module via generated .VSC file artifacts or associated shellcode patterns.
  • Inspect .VSC (XML-based configuration) files for abnormally long strings in the XML 'Name' attribute, which is the attack vector for triggering the SEH overwrite.
  • ·Exploitation requires user interaction — an attacker must convince a user to open a malicious .VSC file. This limits remote exploitation to social engineering vectors.
  • ·Code execution occurs under the context of the logged-in user, meaning privilege level of impact depends on the victim's account permissions.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.