{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2018-25219", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-26T13:19:02.108Z", "datePublished": "2026-03-26T13:24:18.674Z", "dateUpdated": "2026-03-26T14:29:18.899Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-26T13:24:18.674Z"}, "datePublic": "2018-12-16T00:00:00.000Z", "title": "PassFab Excel Password Recovery 8.3.1 SEH Buffer Overflow", "descriptions": [{"lang": "en", "value": "PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the registration code field. Attackers can craft a buffer overflow payload with a pop-pop-ret gadget and shellcode that triggers code execution when pasted into the Licensed E-mail and Registration Code field during the registration process."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "Passfab", "product": "Excel Password Recovery", "versions": [{"version": "8.3.1", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46301", "name": "ExploitDB-46301", "tags": ["exploit"]}, {"url": "https://www.passfab.com/products/excel-password-recovery.html", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://www.passfab.com/downloads/passfab-excel-password-recovery.exe", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: PassFab Excel Password Recovery 8.3.1 SEH Buffer Overflow", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/passfab-excel-password-recovery-seh-buffer-overflow"}], "credits": [{"lang": "en", "value": "Achilles", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T14:28:09.824447Z", "id": "CVE-2018-25219", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T14:29:18.899Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-25219", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T14:28:09.824447Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T14:29:13.811Z"}}], "cna": {"title": "PassFab Excel Password Recovery 8.3.1 SEH Buffer Overflow", "credits": [{"lang": "en", "type": "finder", "value": "Achilles"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Passfab", "product": "Excel Password Recovery", "versions": [{"status": "affected", "version": "8.3.1"}]}], "datePublic": "2018-12-16T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46301", "name": "ExploitDB-46301", "tags": ["exploit"]}, {"url": "https://www.passfab.com/products/excel-password-recovery.html", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://www.passfab.com/downloads/passfab-excel-password-recovery.exe", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/passfab-excel-password-recovery-seh-buffer-overflow", "name": "VulnCheck Advisory: PassFab Excel Password Recovery 8.3.1 SEH Buffer Overflow", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the registration code field. Attackers can craft a buffer overflow payload with a pop-pop-ret gadget and shellcode that triggers code execution when pasted into the Licensed E-mail and Registration Code field during the registration process."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-26T13:24:18.674Z"}}}, "cveMetadata": {"cveId": "CVE-2018-25219", "state": "PUBLISHED", "dateUpdated": "2026-03-26T14:29:18.899Z", "dateReserved": "2026-03-26T13:19:02.108Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-26T13:24:18.674Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the registration code field. Attackers can craft a buffer overflow payload with a pop-pop-ret gadget and shellcode that triggers code execution when pasted into the Licensed E-mail and Registration Code field during the registration process."}], "id": "CVE-2018-25219", "lastModified": "2026-03-26T15:13:15.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-26T14:16:06.090", "references": [{"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46301"}, {"source": "disclosure@vulncheck.com", "url": "https://www.passfab.com/downloads/passfab-excel-password-recovery.exe"}, {"source": "disclosure@vulncheck.com", "url": "https://www.passfab.com/products/excel-password-recovery.html"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/passfab-excel-password-recovery-seh-buffer-overflow"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "8.3.1"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Excel Password Recovery", "source": "cna", "vendor": "Passfab"}, "product": "excel_password_recovery", "vendor": "passfab"}], "analysis": {"en": {"generated_at": "2026-03-26T15:04:50.350488+00:00", "value": {"mitigation_remediation": ["Upgrade PassFab Excel Password Recovery to a patched or newer release if one is available.", "If no update exists, avoid installing or running the software until a vendor patch is released.", "Enforce application whitelisting or other system hardening measures if the program is not essential.", "Monitor the vendor\u2019s website and security advisories for an official fix."], "summary": {"action": "Immediate Patch", "impact": "Local Code Execution"}, "threat_synthesis": {"affected_systems": "The affected product is PassFab Excel Password Recovery, version 8.3.1. No other versions or products are listed in the advisory.", "description_and_impact": "The vulnerability is a structured exception handling buffer overflow in the registration process of PassFab Excel Password Recovery. A local attacker can supply a malicious payload in the email and registration code field, which triggers a pop\u2011pop\u2011ret gadget and executes arbitrary code. The flaw is a memory corruption issue (CWE\u2011787) that enables local code execution by the user running the application.", "risk_and_exploitability": "The CVSS base score is 8.6, indicating high severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting limited exploitation in the wild. Attackers need local access and the ability to run the program to supply the payload; therefore the risk is primarily to privileged or local users rather than remote attackers."}}}}, "created": "2026-03-27T08:34:23.143954+00:00", "updated": "2026-03-27T09:26:51.973135+00:00", "vendors": ["passfab", "passfab$PRODUCT$excel_password_recovery"]}