NVClient 5.0 Stack Buffer Overflow Vulnerability via User Configuration

Advisories

severity: medium
date: December 15, 2025
Affecting: NVClient 5.0
CVE: CVE-2023-53879
CWE: CWE-121 Stack-based Buffer Overflow
CVSS: 5.3
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
References: ExploitDB-51700
NVClient Product Documentation
Credit: Ahmet Ümit BAYRAM
Description: NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact field that allows attackers to crash the application. Attackers can overwrite 846 bytes of memory by pasting a crafted payload into the contact box, causing a denial of service condition.