CVE-2025-14196

High

Published: 07 December 2025

Published

07 December 2025

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0015 35.6th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

A weakness has been identified in H3C Magic B1 up to 100R004. The affected element is the function sub_44de0 of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The…

exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Enforces validation of the 'param' argument in /goform/aspForm to directly prevent buffer overflow from improper input handling.

SI-16 Memory Protection good match

prevent

Implements memory protections such as ASLR and DEP to comprehensively mitigate exploitation of the buffer overflow vulnerability.

SI-2 Flaw Remediation good match

prevent

Mandates identification, reporting, and remediation of the specific buffer overflow flaw in sub_44de0 to eliminate the vulnerability.

Security SummaryAI

CVE-2025-14196 is a buffer overflow vulnerability affecting H3C Magic B1 devices up to version 100R004. The issue resides in the sub_44de0 function within the /goform/aspForm file, where manipulation of the "param" argument triggers the overflow. This flaw, linked to CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input), carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity.

Remote attackers with low privileges can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation enables high-impact consequences, including unauthorized access to sensitive data (C:H), modification of system integrity (I:H), and disruption of availability (A:H), potentially leading to remote code execution on the affected device.

References, including GitHub repositories and VulDB entries, document a publicly available proof-of-concept exploit but provide no details on vendor patches or official advisories. The vendor was notified early but has not responded.

Notable context includes the public availability of the exploit, increasing the risk of active exploitation against unpatched H3C Magic B1 devices.

Details

CWE(s): CWE-119 CWE-120

References

https://github.com/lin-3-start/lin-cve/blob/main/H3C%20Magic%20B1/H3C%20Magic%20B1.md
cna@vuldb.com
https://github.com/lin-3-start/lin-cve/blob/main/H3C%20Magic%20B1/H3C%20Magic%20B1.md#poc
cna@vuldb.com
https://vuldb.com/?ctiid.334616
cna@vuldb.com
https://vuldb.com/?id.334616
cna@vuldb.com
https://vuldb.com/?submit.699387
cna@vuldb.com