Vulnerabilities ›

CVE-2018-25275

Medium

CWE-120 — Weakness Type

                    Published: Apr 26, 2026                      ·  Modified: Apr 29, 2026                      ·  Source: NVD                

CVSS v3

6.2

🔗 NVD Official

📄 Description (English)

Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can paste a 2000-byte payload into the Camera name and DID number fields during camera addition to trigger an application crash.

🤖 AI Executive Summary

CVE-2018-25275 is a local buffer overflow vulnerability in Faleemi Plus 1.0.2 that allows attackers to crash the application through oversized input in camera configuration fields. While currently unexploited and lacking a patch, this vulnerability poses a denial-of-service risk to organizations using this surveillance management software. The medium CVSS score (6.2) reflects the local-only attack vector, but the lack of available patches necessitates immediate compensating controls.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 22, 2026 05:33

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability primarily affects Saudi organizations operating surveillance and security camera management systems, particularly in banking sector security operations, government facilities (NCA, Ministry of Interior), healthcare institutions, and critical infrastructure monitoring (ARAMCO, SEC). The denial-of-service impact could disrupt security monitoring capabilities during critical incidents. Organizations relying on Faleemi Plus for CCTV management face operational disruption risks, though the local-only attack vector limits exposure to insider threats or physically proximate attackers.

🏢 Affected Saudi Sectors

Banking and Financial Services Government and Public Administration Healthcare Energy and Utilities Telecommunications Critical Infrastructure Security and Surveillance Operations

🎯 MITRE ATT&CK Techniques

T1499 - Endpoint Denial of Service T1203 - Exploitation for Client Execution T1190 - Exploit Public-Facing Application

⚖️ Saudi Risk Score (AI)

5.2

/ 10.0

🔧 Remediation Steps (English)

Immediate Actions:

1. Inventory all systems running Faleemi Plus 1.0.2 and assess exposure to local attackers

2. Implement strict input validation on camera name and DID number fields to reject strings exceeding 256 characters

3. Restrict local access to Faleemi Plus administration interfaces through OS-level access controls and role-based permissions

4. Monitor application logs for repeated failed input attempts or application crashes



Compensating Controls:

5. Deploy application-level input sanitization: implement length checks before processing camera configuration inputs

6. Run Faleemi Plus with minimal privileges (non-administrator account) to limit crash impact

7. Implement process monitoring/auto-restart mechanisms to recover from application crashes

8. Isolate Faleemi Plus systems on segmented networks with restricted local access

9. Maintain regular backups of camera configurations to enable rapid recovery



Detection Rules:

- Alert on application crashes with error codes related to buffer overflow

- Monitor for repeated failed camera addition attempts with oversized payloads

- Track access to Faleemi Plus configuration files from unauthorized local accounts

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. حصر جميع الأنظمة التي تعمل بـ Faleemi Plus 1.0.2 وتقييم التعرض للمهاجمين المحليين

2. تطبيق التحقق الصارم من صحة الإدخال على حقول اسم الكاميرا ورقم DID لرفض السلاسل التي تتجاوز 256 حرفاً

3. تقييد الوصول المحلي إلى واجهات إدارة Faleemi Plus من خلال ضوابط الوصول على مستوى نظام التشغيل والأذونات المستندة إلى الأدوار

4. مراقبة سجلات التطبيق للكشف عن محاولات إدخال متكررة فاشلة أو أعطال التطبيق



الضوابط التعويضية:

5. نشر تنظيف الإدخال على مستوى التطبيق: تطبيق فحوصات الطول قبل معالجة مدخلات إعدادات الكاميرا

6. تشغيل Faleemi Plus بأقل الامتيازات (حساب غير إداري) لتقليل تأثير الأعطال

7. تطبيق مراقبة العملية/آليات إعادة التشغيل التلقائي للتعافي من أعطال التطبيق

8. عزل أنظمة Faleemi Plus على شبكات مقسمة مع وصول محلي مقيد

9. الحفاظ على نسخ احتياطية منتظمة من إعدادات الكاميرا لتمكين الاسترجاع السريع



قواعد الكشف:

- تنبيه عند أعطال التطبيق برموز خطأ متعلقة بتجاوز المخزن المؤقت

- مراقبة محاولات إضافة كاميرا متكررة فاشلة مع حمولات مفرطة الحجم

- تتبع الوصول إلى ملفات إعدادات Faleemi Plus من حسابات محلية غير مصرح بها

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.5.1.1 - Information security policies and procedures A.6.1.1 - Access control implementation A.12.2.1 - Change management procedures A.12.6.1 - Management of technical vulnerabilities

🔵 SAMA CSF

ID.BE-1 - Asset management PR.AC-1 - Access control policy PR.PT-1 - Security awareness and training DE.CM-1 - System monitoring

🟡 ISO 27001:2022

A.5.1 - Management direction for information security A.6.1 - Internal organization A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy

🔗 References & Sources 3

🔗

http://support.faleemi.com/fsc776/Faleemi_Plus_v1.0.2.exe

disclosure@vulncheck.com

🔗

https://www.exploit-db.com/exploits/45414

disclosure@vulncheck.com

🔗

https://www.vulncheck.com/advisories/faleemi-plus-denial-of-service-via-buffer-overflow

disclosure@vulncheck.com

📊 CVSS Score

6.2

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity Medium

CVSS Score6.2

CWECWE-120

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-26

Source Feed nvd

🇸🇦 Saudi Risk Score

5.2

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

CWE-120

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2018-25275

Introduce Yourself

Sign In Required