high advisory

SC v7.16 Stack-Based Buffer Overflow Vulnerability (CVE-2018-25222)

SC v7.16 is vulnerable to a stack-based buffer overflow that lets local attackers execute arbitrary code by providing input longer than 1052 bytes.

SC v7.16 is susceptible to a stack-based buffer overflow vulnerability, identified as CVE-2018-25222. This flaw enables local attackers to execute arbitrary code by crafting malicious input that exceeds buffer boundaries. Specifically, providing an input string longer than 1052 bytes can overwrite the instruction pointer, enabling the execution of attacker-controlled shellcode within the application’s context. This vulnerability poses a significant threat to systems running the affected version…

Detection coverage 2

Detect SC v7.16 Stack Buffer Overflow Attempt

high

Detects attempts to exploit the stack-based buffer overflow vulnerability (CVE-2018-25222) in SC v7.16 by monitoring for process execution with excessively long command line arguments.

sigma | tactics: execution | techniques: T1204.002 | sources: process_creation, windows

Detect SC v7.16 Crash Due to Buffer Overflow

medium

Detects SC v7.16 process termination events indicative of a crash, which could be caused by a buffer overflow attempt.

sigma | tactics: defense_evasion | techniques: T1562.001 | sources: process_creation, windows
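
The long-argument check described under "Detect SC v7.16 Stack Buffer Overflow Attempt", as an added example that is not one of the platform's rules: it flags process-creation events for the target binary when any single argument exceeds the 1052-byte threshold from the advisory. The image name `sc_placeholder.exe`, the Sysmon Event ID 1 field layout and the sample events are assumptions constructed for illustration; the page does not name the executable.

```python
import ntpath

# Assumption: the page does not name the SC v7.16 binary; replace this placeholder.
TARGET_IMAGE = "sc_placeholder.exe"
# From the advisory: input longer than 1052 bytes can overwrite the instruction pointer.
OVERFLOW_THRESHOLD = 1052

def split_args(command_line):
    """Split a Windows command line on whitespace, keeping quoted runs together."""
    args, current, in_quotes = [], [], False
    for ch in command_line:
        if ch == '"':
            in_quotes = not in_quotes
        elif ch.isspace() and not in_quotes:
            if current:
                args.append("".join(current))
                current = []
        else:
            current.append(ch)
    if current:
        args.append("".join(current))
    return args

def longest_arg_bytes(command_line):
    """Byte length of the longest argument, excluding the program name (argv[0])."""
    args = split_args(command_line)[1:]
    return max((len(a.encode("utf-8")) for a in args), default=0)

def detect(events):
    """Return alerts for target-image launches whose longest argument exceeds the threshold."""
    alerts = []
    for ev in events:
        # Match on the file name only, so the install path does not matter.
        if ntpath.basename(ev["Image"]).lower() != TARGET_IMAGE:
            continue
        size = longest_arg_bytes(ev["CommandLine"])
        if size > OVERFLOW_THRESHOLD:
            alerts.append({"pid": ev["ProcessId"], "longest_arg_bytes": size})
    return alerts

# Constructed sample events shaped like Sysmon Event ID 1 (process creation).
SAMPLE_EVENTS = [
    {"ProcessId": 4100, "Image": r"C:\Tools\sc_placeholder.exe",
     "CommandLine": r'"C:\Tools\sc_placeholder.exe" budget.sc'},
    {"ProcessId": 4212, "Image": r"C:\Tools\sc_placeholder.exe",
     "CommandLine": r"C:\Tools\sc_placeholder.exe " + "A" * 1100},
    {"ProcessId": 4300, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c echo " + "B" * 2000},
]
```

Measuring the longest single argument rather than the whole command line keeps long but ordinary invocations, such as many short arguments, from triggering the alert.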
