CVE-2025-4892: Stack-based Buffer Overflow in code-projects Police Station Management System
A vulnerability was found in code-projects Police Station Management System 1.0. It has been declared as critical. Affected by this vulnerability is the function criminal::remove of the file source.cpp of the component Delete Record. The manipulation of the argument No leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-4892 is a stack-based buffer overflow vulnerability identified in version 1.0 of the code-projects Police Station Management System, specifically within the function criminal::remove located in the source.cpp file under the Delete Record component. The vulnerability arises from improper handling of the argument 'No', which, when manipulated, leads to a stack-based buffer overflow condition. This type of vulnerability can allow an attacker to overwrite the stack memory, potentially leading to arbitrary code execution, application crashes, or other unpredictable behavior. The attack vector requires local access with low privileges (PR:L) and does not require user interaction (UI:N). The CVSS v4.0 base score is 4.8, categorized as medium severity, reflecting limited exploitability and impact scope. The vulnerability affects confidentiality, integrity, and availability to a limited extent (VC:L, VI:L, VA:L). No public exploits are currently known in the wild, but the exploit details have been disclosed publicly, increasing the risk of future exploitation. The vulnerability does not require network access and must be exploited locally, which limits the attack surface primarily to insiders or users with local access to the system. The Police Station Management System is a critical application used for managing law enforcement records, and exploitation could disrupt record management or lead to unauthorized data manipulation.
Potential Impact
For European organizations, particularly law enforcement agencies and public safety departments using the affected Police Station Management System version 1.0, this vulnerability poses a risk of local privilege escalation or denial of service through application crashes. Although the CVSS score is medium, the critical nature of police management systems means any disruption or unauthorized modification of criminal records could have severe operational and legal consequences. Confidentiality breaches could expose sensitive personal data of individuals under investigation, while integrity violations could compromise the accuracy of criminal records, potentially affecting judicial outcomes. Availability impacts could hinder police operations and emergency response. The local access requirement reduces the risk from external attackers but raises concerns about insider threats or compromised local accounts. European organizations must consider the sensitivity of the data and the criticality of uninterrupted service in their risk assessments.
Mitigation Recommendations
1. Immediate upgrade or patching: Although no official patch links are provided, organizations should seek updates from the vendor or apply custom fixes to the source.cpp file, specifically validating and sanitizing the 'No' argument to prevent buffer overflow.
2. Restrict local access: Limit user permissions and physical or remote desktop access to systems running the Police Station Management System to trusted personnel only.
3. Implement application whitelisting and behavior monitoring to detect anomalous activity related to the criminal::remove function or unexpected crashes.
4. Conduct code review and static analysis on the vulnerable component to identify and remediate similar buffer overflow risks.
5. Employ endpoint protection solutions capable of detecting exploitation attempts of stack-based buffer overflows.
6. Establish strict auditing and logging of local user actions on the system to quickly identify potential misuse.
7. Train staff on insider threat awareness and enforce strong authentication and session management to reduce risk of unauthorized local access.
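As an added illustration of recommendation 1 (this is not the project's source code, which this page does not show), the sketch below validates a record number before it reaches any delete logic. It assumes 'No' is a decimal record number; the function names and the 9-digit limit are hypothetical.

```cpp
// Added illustration, not the project's source code.
// Assumptions: "No" is a decimal record number; kMaxDigits and all
// function names here are hypothetical.
#include <cstddef>
#include <iostream>
#include <sstream>
#include <string>

const std::size_t kMaxDigits = 9;  // 999999999 fits in 32 bits

// Accepts 1..kMaxDigits decimal digits and nothing else.
bool parse_record_no(const std::string& text, unsigned long& out) {
    if (text.empty() || text.size() > kMaxDigits) return false;
    unsigned long value = 0;
    for (std::size_t i = 0; i < text.size(); ++i) {
        const char c = text[i];
        if (c < '0' || c > '9') return false;
        value = value * 10 + static_cast<unsigned long>(c - '0');
    }
    out = value;
    return true;
}

// Reads one line into a std::string, which grows on the heap, so input
// length never determines how much is written to a fixed stack array.
bool read_record_no(std::istream& in, unsigned long& out) {
    std::string line;
    if (!std::getline(in, line)) return false;
    if (!line.empty() && line[line.size() - 1] == '\r')
        line.erase(line.size() - 1);
    return parse_record_no(line, out);
}

int main() {
    // Constructed sample inputs: one valid, one overlong, one non-numeric.
    std::istringstream in("1024\n" + std::string(300, '9') + "\n12; x\n");
    for (int i = 0; i < 3; ++i) {
        unsigned long no = 0;
        if (read_record_no(in, no))
            std::cout << "accepted record " << no << "\n";
        else
            std::cout << "rejected input\n";
    }
    return 0;
}
```

Rejected input should be logged together with the local user account, which also supports the auditing called for in recommendation 6.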
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Poland, Netherlands, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-05-17T06:33:43.208Z
- Cisa Enriched: true
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 682cd0f81484d88663aeb6c5
Added to database: 5/20/2025, 6:59:04 PM
Last enriched: 7/11/2025, 7:03:45 PM
Last updated: 7/30/2025, 4:07:34 PM