Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Buffer overflow in Immunity Debugger

Posted date 17/03/2025
Identificador
INCIBE-2025-0142
Importance
3 - Medium
Affected Resources

Immunity Debugger, 1.85 version.

Description

INCIBE has coordinated the publication of a medium severity vulnerability affecting Immunity Debugger, a tool designed to analyze binaries, find vulnerabilities and understand software behaviour, which was discovered by Rafael Pedrero.

This vulnerability has been assigned the following code, CVSS v4.0 base score, CVSS vector and vulnerability type CWE:

  • CVE-2025-2401: CVSS v4.0: 5.4 | CVSS AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-119
Solution

Immunity Debugger is no longer supported and is not available for download.

Detail

CVE-2025-2401: buffer overflow vulnerability in Immunity Debugger affecting version 1.85, its exploitation could allow a local attacker to execute arbitrary code, due to the lack of proper boundary checking.

Etiquetas