CVE-2019-25327 in Prime95
Summary
by MITRE • 02/13/2026
Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the PrimeNet user ID and proxy host fields to trigger a bind shell on port 3110.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 02/13/2026
The vulnerability identified as CVE-2019-25327 represents a critical buffer overflow flaw within Prime95 version 29.8 build 6 that fundamentally compromises system security through improper input validation. This issue affects the user ID input field and proxy host fields within the PrimeNet functionality of the software, creating a pathway for remote code execution that can be exploited without authentication. The vulnerability stems from insufficient bounds checking and memory management when processing user-supplied data, allowing attackers to overflow allocated buffers and overwrite adjacent memory locations with malicious code.
The technical exploitation of this vulnerability follows a specific attack pattern that aligns with common remote code execution vectors. Attackers craft malicious payloads that exceed the allocated buffer size in the user ID and proxy host input fields, causing a buffer overflow condition that can be leveraged to redirect program execution flow. The implementation of this exploit specifically targets the software's handling of network connection parameters, where the overflow can be manipulated to establish a bind shell on TCP port 3110, providing attackers with persistent remote access to the compromised system. This behavior demonstrates characteristics consistent with CWE-121, which describes heap-based buffer overflow conditions, and reflects techniques commonly associated with the attack pattern of command injection and privilege escalation.
The operational impact of this vulnerability extends beyond simple remote code execution to encompass complete system compromise and potential lateral movement within network environments. When successfully exploited, the bind shell on port 3110 creates a persistent backdoor that allows attackers to maintain access to the infected system, execute arbitrary commands, and potentially escalate privileges. The vulnerability affects systems running Prime95 version 29.8 build 6 that are connected to PrimeNet, making it particularly dangerous for users who participate in distributed computing projects or utilize the software for stress testing and benchmarking purposes. The attack surface is broad as any user who interacts with the software's network configuration features could inadvertently trigger the exploit, making this vulnerability particularly concerning for both individual users and enterprise environments.
Mitigation strategies for CVE-2019-25327 should prioritize immediate software updates to versions that address the buffer overflow conditions and implement proper input validation measures. Organizations should disable PrimeNet functionality entirely if not required for legitimate use cases, as this removes the attack vector associated with the vulnerable input fields. Network monitoring should be enhanced to detect connections to the specific bind shell port 3110 and unusual network traffic patterns that may indicate exploitation attempts. Security controls should include implementing network segmentation to limit access to systems running Prime95, deploying intrusion detection systems to monitor for known exploit signatures, and conducting regular vulnerability assessments to identify similar buffer overflow conditions in other software components. The vulnerability also highlights the importance of input sanitization and memory safety practices that align with secure coding guidelines from organizations such as the CERT/CC and the Open Web Application Security Project, which emphasize proper bounds checking and defensive programming techniques to prevent similar issues in software development processes.