Buffer Overflow Vulnerability in Nixdorf Wincor PORT IO Driver
CVE-2025-5555

8.5HIGH

Key Information:

Vendor

Nixdorf Wincor

Status
Port Io Driver
Vendor
CVE Published:
18 October 2025

What is CVE-2025-5555?

A vulnerability is present in the Nixdorf Wincor PORT IO Driver, specifically in the IOCTL Handler component. This flaw, located within the wnport.sys library, allows for a stack-based buffer overflow when the sub_11100 function is manipulated. This vulnerability requires local access to exploit, posing a risk for systems with the affected driver version 1.0.0.1 or earlier. Users are advised to upgrade to version 3.0.0.1 to address this issue effectively, following the vendor's early provision of a patch to mitigate the exploit.

Affected Version(s)

PORT IO Driver 1.0.0.0

PORT IO Driver 1.0.0.1

PORT IO Driver 3.0.0.1

References

https://vuldb.com/?id.329013
vdb-entrytechnical-description
https://vuldb.com/?ctiid.329013
signaturepermissions-required
https://vuldb.com/?submit.604823
third-party-advisory

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

rickqwq (VulDB User)
JSON
.
CVE-2025-5555 : Buffer Overflow Vulnerability in Nixdorf Wincor PORT IO Driver