Platform
c
Component
snes9k
Fixed in
0.0.10
CVE-2018-25251 describes a buffer overflow vulnerability discovered in the Snes9K emulator, specifically affecting version 0.0.9z. This flaw allows a local attacker to trigger a structured exception handler (SEH) overwrite, potentially leading to arbitrary code execution. The vulnerability resides within the Netplay Socket Port Number field, making it exploitable through the emulator's Netplay Options menu. A fix is available in later versions of Snes9K.
The primary impact of CVE-2018-25251 is the potential for arbitrary code execution on the system running the vulnerable Snes9K emulator. An attacker could craft a malicious payload and inject it into the Netplay Socket Port Number field. This crafted input triggers a buffer overflow, overwriting the SEH chain and allowing the attacker to execute their own code. This could lead to complete system compromise, including data theft, installation of malware, or denial of service. The vulnerability's local nature means an attacker needs physical or otherwise local access to the system to exploit it, but the consequences of successful exploitation are severe.
CVE-2018-25251 is not listed on the CISA KEV catalog. Public proof-of-concept (PoC) exploits for this vulnerability are not widely known, but the SEH overwrite technique is well-established. The vulnerability's local nature and the relatively low popularity of Snes9K may limit its immediate exploitation potential, but the ease of exploitation once local access is gained remains a concern. The vulnerability was publicly disclosed on 2026-04-04.
Exploit Status
EPSS
0.02% (4% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2018-25251 is to upgrade to a patched version of Snes9K that addresses the buffer overflow vulnerability. Unfortunately, specific patched versions are not provided in the input. If upgrading is not immediately feasible, consider restricting access to the Netplay Options menu to prevent unauthorized modification of the Socket Port Number field. While a WAF or proxy is unlikely to be applicable in this scenario, monitoring system logs for unusual activity related to Snes9K processes could provide early warning signs of exploitation attempts. After upgrading, confirm the fix by attempting to input a very long string into the Socket Port Number field and verifying that no crash or unexpected behavior occurs.
Update to a patched version of Snes9K that fixes the buffer overflow in the Netplay Socket Port Number field. Check the project page on SourceForge for the latest stable version.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2018-25251 is a buffer overflow vulnerability in Snes9K emulator version 0.0.9z. An attacker can exploit this by crafting a malicious payload in the Netplay Socket Port Number field, potentially leading to code execution.
You are affected if you are using Snes9K version 0.0.9z. Upgrade to a patched version to mitigate the risk.
Upgrade to a patched version of Snes9K. Unfortunately, specific patched versions are not provided in the input.
While there are no widespread reports of active exploitation, the vulnerability's ease of exploitation makes it a potential target.
Refer to the Snes9K project website or relevant security mailing lists for official advisories and updates.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.