Primary

Context

ZOC Terminal Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in ZOC Terminal version 7.25.5. The issue arises in the private key file input field, where an attacker can overwrite the input with a 2000-byte buffer. This causes the application to become unresponsive when it attempts to create SSH key files.

Impact

Exploitation of this vulnerability leads to a crash of the ZOC Terminal application, causing it to become unresponsive.

Reproduction

To reproduce this vulnerability, first create a text file containing a 2000-byte buffer of repeated characters. After saving this file, open ZOC Terminal and navigate to the 'Create SSH Key Files' option. In the 'Private key file' field, erase the existing content and paste the buffered text from the clipboard. Once the buffer is pasted, click on 'Create public/private key files', which will cause the application to crash.

Added: Feb 5, 2026, 7:42 PM

Updated: Feb 5, 2026, 9:23 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

5.2

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

5.2

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ZOC Terminal Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

EmTec ZOC Terminal

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating