Cyber Resilience

CVE-2020-37024

HighPublic PoC

Published: 30 January 2026

Published
30 January 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0016 5.2th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2020-37024 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Softonic (inferred from references). Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 5.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2020-37024 is a stack-based buffer overflow vulnerability (CWE-120) affecting Nidesoft DVD Ripper version 5.2.18, specifically in the License Code registration parameter. The flaw enables attackers to execute arbitrary code by crafting a malicious payload and pasting it into the License Code field, which triggers the overflow and allows shellcode execution. It carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

A local attacker can exploit this vulnerability with low attack complexity and no required privileges. The CVSS assessment indicates no user interaction is needed beyond local access, resulting in high impacts to confidentiality, integrity, and availability. Successful exploitation provides full arbitrary code execution on the target system.

Advisories and related resources include the Nidesoft DVD Ripper page on Softonic, an exploit published on Exploit-DB (ID 48687), and a VulnCheck advisory on the local buffer overflow. No patches or specific mitigation steps are detailed in the provided references.

EU & UK References

Vulnerability details

Nidesoft DVD Ripper 5.2.18 contains a local buffer overflow vulnerability in the License Code registration parameter that allows attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the License Code field to trigger a…

more

stack-based buffer overflow and execute shellcode.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
Why these techniques?

Local stack buffer overflow in client application directly enables arbitrary code execution via crafted input (license code field).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2020-37028Shared CWE-120
CVE-2020-37010Shared CWE-120
CVE-2025-27832Shared CWE-120
CVE-2024-57509Shared CWE-120
CVE-2018-25302Shared CWE-120
CVE-2025-66287Shared CWE-120
CVE-2025-27833Shared CWE-120
CVE-2022-47090Shared CWE-120
CVE-2018-25301Shared CWE-120
CVE-2019-25232Shared CWE-120

Affected Assets

Softonic
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly validates the License Code input to block malicious payloads that trigger the stack-based buffer overflow.

prevent

Implements memory safeguards like ASLR and DEP to prevent arbitrary code execution from the stack buffer overflow.

prevent

Requires timely remediation of the identified buffer overflow flaw through patching or software removal.

References