PatchSiren

CVE-2018-25344 10-Strike CVE debrief

A stack-based buffer overflow exists in the registration key input field of 10-Strike Network Inventory Explorer 8.54. A local attacker can execute arbitrary code by supplying a crafted registration key that overwrites the structured exception handler (SEH) chain. The CVE record was published on 2026-05-23 and last modified on 2026-05-26. The CVSS 4.0 vector indicates a local attack vector with low attack complexity, no privileges required, and no user interaction needed, with high impact on confidentiality, integrity, and availability. The weakness is classified as CWE-121 (Stack-based Buffer Overflow). The NVD status is currently Deferred. No known exploitation in ransomware campaigns has been documented, and the vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.

Vendor: 10-Strike
Product: Network Inventory Explorer
CVSS: HIGH 8.6
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-23
Original CVE updated: 2026-05-26
Advisory published: 2026-05-23
Advisory updated: 2026-05-26

Who should care

System administrators managing 10-Strike Network Inventory Explorer deployments, security teams responsible for endpoint protection, and organizations using network inventory management software should prioritize assessment and remediation.

Technical summary

The vulnerability is a stack-based buffer overflow (CWE-121) in the registration key input field of 10-Strike Network Inventory Explorer 8.54. An attacker can craft a malicious registration key string consisting of 4188 bytes of padding followed by SEH chain values and shellcode. When pasted into the registration dialog, this input triggers a structured exception handler overwrite, resulting in arbitrary code execution with the privileges of the application. The attack requires local access but does not require privileges or user interaction. The vulnerability was disclosed in 2018 but was added to NVD with a publication date of 2026-05-23 and subsequently modified on 2026-05-26. The NVD status is currently Deferred.

Defensive priority

HIGH

Recommended defensive actions

  • Upgrade to a patched version of 10-Strike Network Inventory Explorer if available from the vendor
  • Restrict local access to systems running the affected application to trusted users only
  • Monitor for anomalous application crashes or unexpected process behavior that may indicate exploitation attempts
  • Implement application whitelisting to prevent unauthorized executable code from running
  • Review and validate all software registration key inputs for length and format constraints
  • Consider removing or disabling the software on critical systems until a patch is available
  • Deploy endpoint detection and response (EDR) solutions to detect potential buffer overflow exploitation patterns
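
The length and format validation recommended above, sketched in C as an added example (not 10-Strike's code and not taken from the NVD record). The 64-character limit, the alphanumeric-plus-hyphen key format and all function names are assumptions, because the page does not document the real key format.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Assumed policy: the product's real key format is not documented on this page. */
#define REG_KEY_MAX 64   /* hypothetical maximum key length */

enum key_status { KEY_OK = 0, KEY_EMPTY, KEY_TOO_LONG, KEY_BAD_CHAR };

/* Validate untrusted dialog text of known length before any copy happens. */
enum key_status check_reg_key(const char *input, size_t input_len)
{
    if (input == NULL || input_len == 0)
        return KEY_EMPTY;
    if (input_len > REG_KEY_MAX)
        return KEY_TOO_LONG;          /* reject outright, never truncate silently */
    for (size_t i = 0; i < input_len; i++) {
        unsigned char c = (unsigned char)input[i];
        if (!isalnum(c) && c != '-')
            return KEY_BAD_CHAR;      /* also rejects embedded NULs and raw bytes */
    }
    return KEY_OK;
}

/* Copy into a fixed-size buffer only after validation, with an explicit bound. */
enum key_status store_reg_key(char *dst, size_t dst_size,
                              const char *input, size_t input_len)
{
    enum key_status st = check_reg_key(input, input_len);
    if (st != KEY_OK)
        return st;
    if (input_len + 1 > dst_size)
        return KEY_TOO_LONG;          /* destination smaller than the policy limit */
    memcpy(dst, input, input_len);
    dst[input_len] = '\0';
    return KEY_OK;
}

/* Constructed sample: an oversized paste, longer than the 4188 bytes in the summary. */
enum key_status demo_oversized(void)
{
    static char paste[4188 + 64];
    char key[REG_KEY_MAX + 1];
    memset(paste, 'A', sizeof paste);
    return store_reg_key(key, sizeof key, paste, sizeof paste);
}
```

The length check runs before any byte is copied, so an oversized paste is rejected without ever reaching the stack buffer.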

Evidence notes

The vulnerability description and technical details are sourced from NVD records with VulnCheck as the primary disclosure source. The CVSS 4.0 vector and CWE-121 classification are provided in the official NVD entry. The vendor identification carries low confidence and requires review, with '10 Strike' identified as a reference domain candidate.

Official resources

The vulnerability was disclosed via VulnCheck and is documented in NVD with references to the vendor website, Exploit-DB, and a VulnCheck advisory.