Vulnerabilities ›

CVE-2019-25658

Medium

CWE-787 — Weakness Type

                    Published: Apr 5, 2026                      ·  Modified: Apr 8, 2026                      ·  Source: NVD                

CVSS v3

5.5

🔗 NVD Official

📄 Description (English)

a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click the Register button to trigger a denial of service crash.

🤖 AI Executive Summary

CVE-2019-25658 is a local buffer overflow vulnerability in a-Mac Address Change 5.4 that allows local attackers to crash the application through oversized input in registration form fields. With a CVSS score of 5.5 and no available patch, this poses a denial of service risk to organizations using this legacy software. The vulnerability requires local access and user interaction, limiting its immediate threat but warranting mitigation for business continuity.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 25, 2026 13:32

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability primarily affects Saudi organizations using legacy a-Mac Address Change software for MAC address management. Government IT departments, telecommunications companies (STC, Mobily), and financial institutions managing network infrastructure are at moderate risk. The local-only nature limits exposure, but organizations with shared workstations or multi-user systems face higher DoS risk. Impact is primarily business continuity rather than data breach, affecting network administration capabilities.

🏢 Affected Saudi Sectors

Government IT Infrastructure Telecommunications (STC, Mobily, Zain) Banking and Financial Services Healthcare IT Networks Energy Sector Network Management

🎯 MITRE ATT&CK Techniques

T1499 - Endpoint Denial of Service T1203 - Exploitation for Client Execution T1189 - Drive-by Compromise (if network-accessible)

⚖️ Saudi Risk Score (AI)

4.2

/ 10.0

🔧 Remediation Steps (English)

Immediate Actions:

1. Inventory all systems running a-Mac Address Change 5.4 and restrict access to trusted administrators only

2. Implement input validation at the application level to reject entries exceeding 50 characters in registration fields

3. Disable or restrict the registration functionality if not actively used



Compensating Controls:

1. Deploy application whitelisting to prevent unauthorized execution

2. Implement file integrity monitoring on the application directory

3. Restrict local user access through privilege management and account segmentation

4. Monitor for application crashes and implement alerting for abnormal termination



Detection Rules:

1. Monitor for a-Mac Address Change process crashes with event ID 1000 (Application Error)

2. Alert on registration form input exceeding 200 bytes

3. Track failed application launches following registration attempts



Long-term:

1. Plan migration to modern, actively maintained MAC address management solutions

2. Evaluate replacement tools with security updates and vendor support

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. قم بحصر جميع الأنظمة التي تعمل بـ a-Mac Address Change 5.4 وقيد الوصول للمسؤولين الموثوقين فقط

2. تطبيق التحقق من صحة الإدخال على مستوى التطبيق لرفض الإدخالات التي تتجاوز 50 حرفاً في حقول التسجيل

3. تعطيل أو تقييد وظيفة التسجيل إذا لم تكن قيد الاستخدام النشط



الضوابط التعويضية:

1. نشر قائمة بيضاء للتطبيقات لمنع التنفيذ غير المصرح به

2. تطبيق مراقبة سلامة الملفات على دليل التطبيق

3. تقييد وصول المستخدم المحلي من خلال إدارة الامتيازات وتقسيم الحسابات

4. مراقبة أعطال التطبيق وتطبيق التنبيهات لإنهاء غير طبيعي



قواعد الكشف:

1. مراقبة أعطال عملية a-Mac Address Change مع معرف الحدث 1000

2. تنبيه على إدخال نموذج التسجيل يتجاوز 200 بايت

3. تتبع محاولات تشغيل التطبيق الفاشلة بعد محاولات التسجيل



المدى الطويل:

1. التخطيط للهجرة إلى حلول إدارة عناوين MAC حديثة ومدعومة بنشاط

2. تقييم أدوات الاستبدال مع التحديثات الأمنية ودعم البائع

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC 2024 A.12.6.1 - Management of technical vulnerabilities ECC 2024 A.14.2.1 - Secure development policy ECC 2024 A.12.2.1 - Monitoring and logging

🔵 SAMA CSF

ID.RA-1 - Asset management and vulnerability identification PR.IP-12 - Software development and change management DE.CM-1 - Detection and analysis of anomalies

🟡 ISO 27001:2022

A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy and procedures A.12.4.1 - Event logging

🔗 References & Sources 3

🔗

http://amac.paqtool.com/

disclosure@vulncheck.com

🔗

https://www.exploit-db.com/exploits/46292

disclosure@vulncheck.com

🔗

https://www.vulncheck.com/advisories/a-mac-address-change-local-buffer-overflow-dos

disclosure@vulncheck.com

📊 CVSS Score

5.5

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionR — Required

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity Medium

CVSS Score5.5

CWECWE-787

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-05

Source Feed nvd

🇸🇦 Saudi Risk Score

4.2

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

CWE-787

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2019-25658

Introduce Yourself

Sign In Required