CVE-2025-4498: code-projects Simple Bus Reservation System Install Bus install stack-based overflow
Description
A vulnerability classified as critical has been found in code-projects Simple Bus Reservation System 1.0. Affected is the function a::install of the component Install Bus. The manipulation of the argument bus leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in code-projects Simple Bus Reservation System 1.0 entdeckt. Betroffen hiervon ist die Funktion a::install der Komponente Install Bus. Mittels dem Manipulieren des Arguments bus mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung.
Classification
CVE ID: CVE-2025-4498
CVSS Base Severity: MEDIUM
CVSS Base Score: 4.8
CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Affected Products
Vendor: code-projects
Product: Simple Bus Reservation System
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 2.17% (scored less or equal to compared to others)
EPSS Date: 2025-06-08 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-4498https://vuldb.com/?id.308214
https://vuldb.com/?ctiid.308214
https://vuldb.com/?submit.567108
https://github.com/zzzxc643/cve/blob/main/Bus%20Management%20System.md
https://code-projects.org/