Cyber Resilience

CVE-2016-20042

HighPublic PoC

Published: 28 March 2026

Published
28 March 2026
Modified
01 May 2026
KEV Added
Patch
CVSS Score v4 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0014 4.1th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2016-20042 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Sourceforge (inferred from references). Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 4.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2016-20042 is a stack buffer overflow vulnerability (CWE-787) in TRN version 3.6-23, a newsreader application. The flaw occurs when the application processes an oversized command-line argument, enabling attackers to overwrite the stack and potentially execute arbitrary code. Published on 2026-03-28 with a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), it highlights low complexity local access with high impacts on confidentiality, integrity, and availability.

Local attackers require only access to the system without privileges (PR:N) and no user interaction (UI:N) to exploit the vulnerability. By supplying a crafted command-line argument—specifically 156 bytes of padding followed by a return address—they can overwrite the instruction pointer, redirect execution, and run shellcode with the privileges of the user invoking the application.

Advisories, including the VulnCheck advisory on the TRN 3.6-23 stack buffer overflow, describe the issue and local code execution potential. An exploit is publicly available on Exploit-DB (ID 39764), and the TRN project page is hosted on SourceForge. No patches or specific mitigations are detailed in the provided references.

EU & UK References

Vulnerability details

TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return…

more

address to overwrite the instruction pointer and execute shellcode with user privileges.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
Why these techniques?

Stack buffer overflow in local client app (TRN) enables arbitrary code execution via crafted CLI argument, directly mapping to client-side exploitation for code execution.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2019-25705Shared CWE-787
CVE-2019-25633Shared CWE-787
CVE-2026-0538Shared CWE-787
CVE-2016-20046Shared CWE-787
CVE-2019-25628Shared CWE-787
CVE-2019-25695Shared CWE-787
CVE-2018-25218Shared CWE-787
CVE-2026-42484Shared CWE-787
CVE-2019-25612Shared CWE-787
CVE-2025-43300Shared CWE-787

Affected Assets

Sourceforge
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires validation of command-line arguments to detect and reject oversized inputs that trigger the stack buffer overflow.

prevent

Implements memory protections such as stack canaries, ASLR, and DEP to prevent exploitation of the buffer overflow for arbitrary code execution.

prevent

Mandates timely remediation of known flaws like this stack buffer overflow through patching or replacement of the vulnerable TRN application.

References