CVE-2016-20045
Published: 28 March 2026
Summary
CVE-2016-20045 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Hnb Project Hierarchical Notebook. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
HNB Organizer 1.9.18-10 suffers from a local buffer overflow vulnerability, classified as CVE-2016-20045 and tied to CWE-787 (Out-of-bounds Write). The flaw occurs when the application processes an oversized argument supplied to the -rc command-line parameter, enabling stack overwrite due to insufficient bounds checking.
Local attackers with access to the system can exploit this vulnerability without privileges (PR:N), requiring low complexity (AC:L) and no user interaction (UI:N). By crafting a malicious input string exceeding 108 bytes—incorporating shellcode and a return address—they can overwrite the stack, leading to arbitrary code execution with high confidentiality, integrity, and availability impacts (CVSS 8.4, CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Advisories from VulnCheck detail the buffer overflow via the -rc parameter in HNB Organizer 1.0 (likely referencing the affected 1.9.18-10 build), while Exploit-DB provides a public exploit (ID 40025) demonstrating code execution. The official project site at hnb.sourceforge.net offers no specific patch or mitigation guidance in the referenced materials.
A proof-of-concept exploit is publicly available, indicating potential for real-world local privilege escalation on unpatched systems, though no widespread exploitation has been documented in the provided information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2016-10845
Vulnerability details
HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and…
more
a return address to overwrite the stack and achieve code execution.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local buffer overflow via oversized -rc argument enables stack-based arbitrary code execution, directly mapping to exploitation for privilege escalation on the local system.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires bounds checking and validation of command-line inputs like the -rc parameter to prevent buffer overflows from oversized arguments.
Provides memory protections such as ASLR, DEP, and stack canaries that thwart exploitation of stack buffer overflows even if input validation fails.
Mandates identification, reporting, and correction of flaws like this buffer overflow vulnerability through patching or software removal.