cve/2025/CVE-2025-9175.md

### [CVE-2025-9175](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9175)
![](https://img.shields.io/static/v1?label=Product&message=shc&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=4.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.0.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.0.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.0.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Memory%20Corruption&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Stack-based%20Buffer%20Overflow&color=brightgreen)

### Description

A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used.
Eine Schwachstelle wurde in neurobin shc bis 4.0.3 gefunden. Es geht dabei um die Funktion make der Datei src/shc.c. Die Veränderung resultiert in stack-based buffer overflow. Der Angriff muss lokal erfolgen. Der Exploit wurde der Öffentlichkeit bekannt gemacht und könnte verwendet werden.

### POC

#### Reference
- https://magnificent-dill-351.notion.site/Stack-Overflow-in-shc-4-0-3-249c693918ed804b8c44ee11eb0af087

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds