CVE-2019-25357 HIGH

CVE-2019-25357: Control Center PRO 6.2.9 - Local Stack Based BufferOverflow

Vendor Webgate Inc.
Product Control Center PRO
Weakness CWE-121
Published February 18, 2026
Last update March 5, 2026

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute arbitrary code on vulnerable Windows systems.

Key dates

02Disclosure timeline

February 18, 2026 CVE published
March 5, 2026 Record updated