CVE-2025-62691
Received
Published: 25 Nov 2025, 08:15
Last modified: 25 Nov 2025, 08:15
Vulnerability Summary
Overall Risk: Medium Risk (39/100)
CVSS Score: 9.8 CRITICAL, CVSS v3.0 (VULTURES)
EPSS Score: 0.23% INFO (0% probability)
CISA KEV: Not listed
Ransomware: No reports
Exploits: None found
Dark Web: Not detected
Security Point (Windows) of MaLion and MaLionCloud contains a stack-based buffer overflow vulnerability in processing HTTP headers. Receiving a specially crafted request from a remote unauthenticated attacker could lead to arbitrary code execution with SYSTEM privilege.
Source Identifier: vultures@jpcert.or.jp
| CVSS | Source | Severity | Exploit. | Impact | Vector |
|---|---|---|---|---|---|
| v4.0 | vultures@jpcert.or.jp | 9.3 CRITICAL | NA | NA | CVSS:4.0/AV:N/AC:L/AT:N/P... |
| v3.1 | n/a | | | | |
| v3.0 | vultures@jpcert.or.jp | 9.8 CRITICAL | 3.9 | 5.9 | CVSS:3.0/AV:N/AC:L/PR:N/U... |
| v2.0 | n/a | | | | |
EPSS current score: 0.23% (percentile rank: 45%ile)
Stack-based Buffer Overflow CWE-121
Description: A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Not listed in CISA Known Exploited Vulnerabilities catalog.
No dark web activity detected for this vulnerability.
No known public exploit code indexed (as of 25 Nov 2025, 08:15).
Exploitation status can change quickly once PoC code appears.
No affected systems information available.
| URL | Tags | Source |
|---|---|---|
| https://jvn.jp/en/jp/JVN76298784/ | - | vultures@jpcert.or.jp |
| https://www.intercom.co.jp/information/2025/1125.html | - | vultures@jpcert.or.jp |