CVE-2020-37040
Published: 30 January 2026
Summary
CVE-2020-37040 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Codeblocks (inferred from references). Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 8.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog. A public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2020-37040 is a local buffer overflow vulnerability (CWE-120) affecting Code::Blocks version 17.12, an open-source integrated development environment (IDE). The flaw occurs when processing a malicious file name containing Unicode characters, leading to a buffer overflow that enables arbitrary code execution.
A local attacker can exploit this vulnerability with low complexity and no privileges required by pasting a specially crafted payload into the file name field during project creation. Successful exploitation allows execution of arbitrary system commands, such as calc.exe. The CVSS v3.1 base score is 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H), resulting in high impacts on confidentiality, integrity, and availability.
Advisories and resources, including the VulnCheck advisory at https://www.vulncheck.com/advisories/code-blocks-file-name-local-buffer-overflow and an exploit at https://www.exploit-db.com/exploits/48594, document the issue. Official project sites at http://www.codeblocks.org/ and https://sourceforge.net/projects/codeblocks provide further details for potential updates.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-30938
Vulnerability details
Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vulnerability by pasting a specially crafted payload into the file name field during project creation, potentially executing system commands like calc.exe.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local buffer overflow in IDE enables direct arbitrary code execution on user interaction with malicious input (filename), mapping to client-side exploitation and command interpreters.
Mitigating Controls (NIST 800-53 r5)
- Requires timely identification, reporting, and patching of the buffer overflow flaw in Code::Blocks, directly eliminating the vulnerability.
- Implements memory safeguards like DEP, ASLR, and stack canaries that block arbitrary code execution from the buffer overflow exploit.
- Enforces validation of filename inputs to restrict malicious Unicode payloads that trigger the buffer overflow during project creation.