Cyber Resilience

CVE-2016-20045

HighPublic PoC

Published: 28 March 2026

Published
28 March 2026
Modified
08 April 2026
KEV Added
Patch
CVSS Score v4 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0021 10.6th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2016-20045 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Hnb Project Hierarchical Notebook. Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

HNB Organizer 1.9.18-10 suffers from a local buffer overflow vulnerability, classified as CVE-2016-20045 and tied to CWE-787 (Out-of-bounds Write). The flaw occurs when the application processes an oversized argument supplied to the -rc command-line parameter, enabling stack overwrite due to insufficient bounds checking.

Local attackers with access to the system can exploit this vulnerability without privileges (PR:N), requiring low complexity (AC:L) and no user interaction (UI:N). By crafting a malicious input string exceeding 108 bytes—incorporating shellcode and a return address—they can overwrite the stack, leading to arbitrary code execution with high confidentiality, integrity, and availability impacts (CVSS 8.4, CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Advisories from VulnCheck detail the buffer overflow via the -rc parameter in HNB Organizer 1.0 (likely referencing the affected 1.9.18-10 build), while Exploit-DB provides a public exploit (ID 40025) demonstrating code execution. The official project site at hnb.sourceforge.net offers no specific patch or mitigation guidance in the referenced materials.

A proof-of-concept exploit is publicly available, indicating potential for real-world local privilege escalation on unpatched systems, though no widespread exploitation has been documented in the provided information.

EU & UK References

Vulnerability details

HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and…

more

a return address to overwrite the stack and achieve code execution.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local buffer overflow via oversized -rc argument enables stack-based arbitrary code execution, directly mapping to exploitation for privilege escalation on the local system.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2016-20044Shared CWE-787
CVE-2026-23326Shared CWE-787
CVE-2024-43077Shared CWE-787
CVE-2024-53697Shared CWE-787
CVE-2025-20890Shared CWE-787
CVE-2026-23073Shared CWE-787
CVE-2025-20708Shared CWE-787
CVE-2025-1471Shared CWE-787
CVE-2024-35273Shared CWE-787
CVE-2022-49062Shared CWE-787

Affected Assets

hnb project
hierarchical notebook
≤ 1.9.18-10

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires bounds checking and validation of command-line inputs like the -rc parameter to prevent buffer overflows from oversized arguments.

prevent

Provides memory protections such as ASLR, DEP, and stack canaries that thwart exploitation of stack buffer overflows even if input validation fails.

prevent

Mandates identification, reporting, and correction of flaws like this buffer overflow vulnerability through patching or software removal.

References