Cyber Resilience

CVE-2020-37040

High · Public PoC

Published: 30 January 2026

Modified: 15 April 2026
CVSS Score v4: 8.4 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0019 (8.5th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2020-37040 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Codeblocks (inferred from references). Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 8.5th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2020-37040 is a local buffer overflow vulnerability (CWE-120) affecting Code::Blocks version 17.12, an open-source integrated development environment (IDE). The flaw occurs when processing a malicious file name containing Unicode characters, leading to a buffer overflow that enables arbitrary code execution.

A local attacker can exploit this vulnerability with low complexity and no privileges required by pasting a specially crafted payload into the file name field during project creation. Successful exploitation allows execution of arbitrary system commands, such as calc.exe. The CVSS v3.1 base score is 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H), reflecting high impacts on confidentiality, integrity, and availability.

The issue is documented in the VulnCheck advisory at https://www.vulncheck.com/advisories/code-blocks-file-name-local-buffer-overflow and in an exploit entry at https://www.exploit-db.com/exploits/48594. The official project sites at http://www.codeblocks.org/ and https://sourceforge.net/projects/codeblocks provide further details for potential updates.

Vulnerability details

Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vulnerability by pasting a specially crafted payload into the file name field during project creation, potentially executing system commands like calc.exe.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1203 Exploitation for Client Execution (tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.

T1059 Command and Scripting Interpreter (tactic: Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

A local buffer overflow in the IDE enables direct arbitrary code execution when the user interacts with malicious input (the file name), which maps to client-side exploitation and command interpreters.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-4729 (shared CWE-120)
CVE-2020-37028 (shared CWE-120)
CVE-2020-37010 (shared CWE-120)
CVE-2025-27832 (shared CWE-120)
CVE-2024-57509 (shared CWE-120)
CVE-2018-25302 (shared CWE-120)
CVE-2025-66287 (shared CWE-120)
CVE-2025-27833 (shared CWE-120)
CVE-2022-47090 (shared CWE-120)
CVE-2018-25301 (shared CWE-120)

Affected Assets

Codeblocks
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

Prevent: Requires timely identification, reporting, and patching of the buffer overflow flaw in Code::Blocks, directly eliminating the vulnerability.

Prevent: Implements memory safeguards like DEP, ASLR, and stack canaries that block arbitrary code execution from the buffer overflow exploit.

Prevent: Enforces validation of filename inputs to restrict malicious Unicode payloads that trigger the buffer overflow during project creation.
