CVE-2025-34123
published 2025-07-16CVE-2025-34123: A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue…
PriorityP348high8.4CVSS 4.0
AVLACLATNPRNUIAVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
0.46%
36.6th percentile
A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue occurs due to improper handling of user-supplied data in the XML 'Name' attribute, leading to an SEH overwrite condition. An attacker can exploit this vulnerability by convincing a user to open a malicious .VSC file, resulting in arbitrary code execution under the context of the user.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| videocharge_software | studio | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for VideoCharge Studio processes opening .VSC files from untrusted or external sources, which may trigger a stack-based buffer overflow via a malformed XML 'Name' attribute leading to SEH overwrite. ↗
- →A Metasploit module exists for this vulnerability (windows/fileformat/videocharge_studio), indicating weaponized exploit code is publicly available. Detect use of this module via generated .VSC file artifacts or associated shellcode patterns. ↗
- →Inspect .VSC (XML-based configuration) files for abnormally long strings in the XML 'Name' attribute, which is the attack vector for triggering the SEH overwrite. ↗
- ·Exploitation requires user interaction — an attacker must convince a user to open a malicious .VSC file. This limits remote exploitation to social engineering vectors. ↗
- ·Code execution occurs under the context of the logged-in user, meaning privilege level of impact depends on the victim's account permissions. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2025-07-16
Published