Cyber Resilience

CVE-2020-37049

HighPublic PoC

Published: 30 January 2026

Published
30 January 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0020 10.0th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2020-37049 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability. Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2020-37049 is a local buffer overflow vulnerability (CWE-120) in Frigate version 3.36.0.9, specifically affecting the Command Line input field. This flaw enables attackers to execute arbitrary code by crafting a malicious payload that overflows the buffer. The vulnerability has a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H).

Local attackers can exploit this vulnerability with low complexity and no privileges or user interaction required. By providing a specially crafted input sequence, they can overflow the buffer, bypass DEP, and achieve arbitrary code execution, such as launching calc.exe.

Advisories and related resources include a Vulncheck advisory detailing the Frigate command line local buffer overflow, an Exploit-DB entry (48563) with exploit code, and an archived Frigate website.

EU & UK References

Vulnerability details

Frigate 3.36.0.9 contains a local buffer overflow vulnerability in the Command Line input field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload to overflow the buffer, bypass DEP, and execute commands like launching calc.exe through…

more

a specially crafted input sequence.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local buffer overflow in command-line input directly enables arbitrary code execution without privileges, mapping to exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2018-25299Shared CWE-120
CVE-2026-1679Shared CWE-120
CVE-2026-28925Shared CWE-120
CVE-2018-9387Shared CWE-120
CVE-2025-71263Shared CWE-120
CVE-2025-47388Shared CWE-120
CVE-2018-25263Shared CWE-120
CVE-2022-49754Shared CWE-120
CVE-2025-49495Shared CWE-120
CVE-2025-47389Shared CWE-120

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires validation of command line inputs to prevent buffer overflows from specially crafted payloads.

prevent

Implements memory protections like DEP and stack canaries to mitigate exploitation of buffer overflows even if bypass attempts are made.

prevent

Mandates timely remediation of known flaws like this buffer overflow vulnerability through patching Frigate to a non-vulnerable version.

References