Local Buffer Overflow Vulnerability in Terminal Services Manager by LizardSystems
CVE-2019-25545

6.9MEDIUM

Key Information:

Vendor

Lizardsystems

Status
Terminal Services Manager
Vendor
CVE Published:
21 March 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2019-25545?

Terminal Services Manager 3.2.1 is impacted by a local buffer overflow vulnerability that enables attackers to crash the application. By entering an excessively long string (up to 5000 bytes) into the 'Computer name or IP address' field during the addition of a computer, an attacker can trigger a denial of service when the server entry is subsequently accessed. This flaw presents significant risks, particularly in environments where remote services are frequently deployed, making it crucial for users to implement recommended security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Terminal Services Manager 3.2.1 (Build 247)

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2019-25545 - Proof of Concept

References

https://www.exploit-db.com/exploits/46911
exploit
https://lizardsystems.com
product
https://www.vulncheck.com/advisories/terminal-services-ma...
third-party-advisory

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Alejandra Sánchez
JSON
.