Vulnerabilities ›

CVE-2019-25666

Medium

CWE-787 — Weakness Type

                    Published: Apr 5, 2026                      ·  Modified: Apr 8, 2026                      ·  Source: NVD                

CVSS v3

6.2

🔗 NVD Official

📄 Description (English)

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition.

🤖 AI Executive Summary

CVE-2019-25666 is a local buffer overflow vulnerability in SpotAuditor 3.6.7's Base64 Password Decoder that enables denial of service attacks through oversized input strings. With a CVSS score of 6.2 and no available patch, this vulnerability poses a moderate risk to organizations using this password auditing tool. The lack of exploit availability and local-only attack vector limit immediate threat, but the absence of a patch requires alternative mitigation strategies.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 22, 2026 20:49

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability primarily affects Saudi government agencies, financial institutions, and large enterprises that utilize SpotAuditor for password security auditing and compliance verification. Banking sector organizations (SAMA-regulated) and government entities (NCA oversight) conducting internal security assessments face potential service disruption. The impact is localized to systems where SpotAuditor is installed, affecting internal security operations rather than customer-facing infrastructure. Healthcare and energy sectors using this tool for credential management audits may experience operational disruptions during security assessments.

🏢 Affected Saudi Sectors

Government Banking Healthcare Energy Telecommunications Enterprise IT

🎯 MITRE ATT&CK Techniques

T1499 - Endpoint Denial of Service T1499.004 - Application Exhaustion Flood T1203 - Exploitation for Client Execution

⚖️ Saudi Risk Score (AI)

4.8

/ 10.0

🔧 Remediation Steps (English)

Immediate Actions:

1. Inventory all systems running SpotAuditor 3.6.7 and document their criticality and network isolation status

2. Restrict access to SpotAuditor's Base64 Password Decoder component to authorized personnel only

3. Implement input validation to reject Base64 strings exceeding documented maximum length specifications

4. Monitor application logs for crashes or unexpected terminations related to the decoder function



Compensating Controls:

5. Isolate SpotAuditor instances on segmented networks with restricted access controls

6. Implement application-level monitoring and alerting for decoder component failures

7. Use alternative password auditing tools that have active security support and regular patching

8. Establish manual review procedures for Base64-encoded password data before processing



Detection Rules:

9. Monitor for repeated Base64 decoder errors or application crashes in SpotAuditor logs

10. Alert on attempts to input Base64 strings larger than 10KB to the decoder interface

11. Track application crash dumps and correlate with decoder component activity

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. قم بحصر جميع الأنظمة التي تعمل بـ SpotAuditor 3.6.7 وتوثيق حالتها الحرجة وحالة عزلها عن الشبكة

2. قيّد الوصول إلى مكون Base64 Password Decoder في SpotAuditor للموظفين المصرح لهم فقط

3. طبّق التحقق من صحة الإدخال لرفض سلاسل Base64 التي تتجاوز مواصفات الطول الأقصى الموثقة

4. راقب سجلات التطبيق للأعطال أو الإنهاءات غير المتوقعة المتعلقة بوظيفة الفك

الضوابط البديلة:

5. عزل مثيلات SpotAuditor على شبكات مقسمة بضوابط وصول مقيدة

6. طبّق المراقبة على مستوى التطبيق والتنبيهات لأعطال مكون الفك

7. استخدم أدوات تدقيق كلمات مرور بديلة لها دعم أمني نشط وتصحيحات منتظمة

8. أنشئ إجراءات مراجعة يدوية لبيانات كلمات المرور المشفرة بـ Base64 قبل المعالجة

قواعد الكشف:

9. راقب أخطاء فك التشفير المتكررة أو أعطال التطبيق في سجلات SpotAuditor

10. أصدر تنبيهات عند محاولات إدخال سلاسل Base64 أكبر من 10KB إلى واجهة الفك

11. تتبع ملفات تفريغ أعطال التطبيق وربطها بنشاط مكون الفك

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC 2024 A.12.6.1 - Management of technical vulnerabilities ECC 2024 A.12.2.1 - Change management procedures ECC 2024 A.14.2.1 - Secure development policy

🔵 SAMA CSF

ID.RA-1 - Asset management and vulnerability identification PR.IP-12 - Security patch management DE.CM-8 - Vulnerability scanning and monitoring

🟡 ISO 27001:2022

A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development and change management A.12.2.1 - Change management procedures

🟣 PCI DSS v4.0.1

Requirement 6.2 - Security patches and updates Requirement 11.2 - Vulnerability scanning

🔗 References & Sources 3

🔗

http://www.nsauditor.com/order.html

disclosure@vulncheck.com

🔗

https://www.exploit-db.com/exploits/46313

disclosure@vulncheck.com

🔗

https://www.vulncheck.com/advisories/spotauditor-denial-of-service-buffer-overflow

disclosure@vulncheck.com

📊 CVSS Score

6.2

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity Medium

CVSS Score6.2

CWECWE-787

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-05

Source Feed nvd

🇸🇦 Saudi Risk Score

4.8

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

CWE-787

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2019-25666

Introduce Yourself

Sign In Required