Majid Alqabandi

**Name of the Vulnerable Software and Affected Versions** Gemalto SmartDiag Diagnosis Tool version 2.5 **Description** The issue concerns a stack-based Buffer Overflow with SEH Overwrite. This can occur via long input in the "Register a new card" fields. There is a potential risk of local code execution if untrusted input is provided to SmartDiag.exe or SymDiag.exe. **Recommendations** For Gemalto SmartDiag Diagnosis Tool version 2.5, consider restricting input to the "Register a new card" fields to prevent exploitation until a fix is available. As a temporary workaround, avoid using untrusted input with SmartDiag.exe or SymDiag.exe. At the moment, there is no information about a newer version that contains a fix for this vulnerability.