Vulnerability DatabaseCVE-2019-25631

CVE-2019-25631:
FinalWire AIDA64 vulnerability analysis and mitigation

AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences or report wizard functionality to trigger the overflow and execute code with application privileges.

Source: NVD

Related FinalWire AIDA64 vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2019-25633	HIGH	8.6	FinalWire AIDA64	cpe:2.3:a:aida64:aida64	No	No	Mar 24, 2026
CVE-2019-25631	HIGH	8.6	FinalWire AIDA64	cpe:2.3:a:aida64:aida64	No	No	Mar 24, 2026
CVE-2019-25629	HIGH	8.6	FinalWire AIDA64	cpe:2.3:a:aida64:aida64	No	No	Mar 24, 2026
CVE-2019-25360	HIGH	8.4	FinalWire AIDA64	cpe:2.3:a:aida64:aida64	No	Yes	Feb 18, 2026
CVE-2020-37140	MEDIUM	4.6	FinalWire AIDA64	cpe:2.3:a:aida64:aida64	No	Yes	Feb 05, 2026

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

A threat intelligence database

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management

Get a demo

CVE-2019-25631: FinalWire AIDA64 vulnerability analysis and mitigation