CVE-2017-20225
Published: 28 March 2026
Summary
CVE-2017-20225 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Ticalc Tiemu. Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 48.3% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
TiEmu versions 2.08 and prior are affected by CVE-2017-20225, a stack-based buffer overflow vulnerability stemming from inadequate boundary checks on user-supplied input. This flaw, classified under CWE-787, enables attackers to execute arbitrary code within the application's context. The vulnerability arises specifically from processing command-line arguments passed to the TiEmu emulator, a tool for emulating Texas Instruments calculators.
Remote attackers can exploit this vulnerability without privileges or user interaction, as indicated by its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). By supplying specially crafted command-line arguments, an attacker triggers the buffer overflow, leveraging return-oriented programming (ROP) gadgets to bypass protections and execute shellcode. Successful exploitation grants high-impact confidentiality, integrity, and availability compromises within the application's execution environment.
Advisories and related resources, including the TiEmu project page at http://lpg.ticalc.org/prj_tiemu/, an Exploit-DB proof-of-concept at https://www.exploit-db.com/exploits/42087, and a Vulncheck advisory at https://www.vulncheck.com/advisories/tiemu-stack-based-buffer-overflow-vulnerability, provide further details on the issue. Security practitioners should consult these for any guidance on patches or workarounds, as TiEmu is an older project with potential for unpatched deployments.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2017-18943
Vulnerability details
TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can trigger the overflow through command-line arguments passed to the application, leveraging ROP gadgets to bypass protections and execute shellcode in the application context.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stack-based buffer overflow in command-line argument processing enables remote arbitrary code execution (AV:N) in the application context without authentication or user interaction, directly mapping to exploitation of a public-facing application.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly enforces boundary checks and validation on user-supplied command-line inputs to prevent stack-based buffer overflows.
Implements memory safeguards like stack canaries, ASLR, and DEP to protect against arbitrary code execution from stack overflows even if input validation fails.
Requires timely identification, reporting, and remediation of flaws like this buffer overflow vulnerability through patching or replacement of affected TiEmu versions.