CVE-2020-37050
Published: 30 January 2026
Summary
CVE-2020-37050 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Cnet (inferred from references). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 31.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents buffer overflow exploitation by validating inputs from malicious .m3l files during the file loading mechanism.
Mitigates arbitrary code execution from buffer overflows through memory safeguards like ASLR and DEP.
Addresses the root cause by requiring timely flaw remediation and patching of the buffer overflow vulnerability in Quick Player.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The buffer overflow vulnerability in Quick Player enables arbitrary code execution via a malicious .m3l file, directly mapping to Exploitation for Client Execution (T1203).
NVD Description
Quick Player 1.3 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious .m3l file with carefully constructed payload. Attackers can trigger the vulnerability by loading a specially crafted file through the application's file…
more
loading mechanism, potentially enabling remote code execution.
Deeper analysisAI
CVE-2020-37050 is a buffer overflow vulnerability (CWE-120) affecting Quick Player version 1.3. The flaw enables attackers to execute arbitrary code by crafting a malicious .m3l file containing a carefully constructed payload. It is triggered through the application's file loading mechanism when processing the specially crafted file, potentially leading to remote code execution. The vulnerability received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical.
Any remote attacker can exploit this vulnerability without authentication or user interaction prerequisites per the CVSS vector. By delivering the malicious .m3l file, the attacker achieves high-impact remote code execution, compromising confidentiality, integrity, and availability on the targeted system.
Advisories and references, including those from VulnCheck (https://www.vulncheck.com/advisories/quick-player-ml-buffer-overflow) and Exploit-DB (https://www.exploit-db.com/exploits/48564), detail the issue. An archived blog post by whitecr0wz (https://web.archive.org/web/20201022211753/https://whitecr0wz.github.io/posts/Exploiting-Quick-Player/) provides exploitation analysis, accompanied by imagery (https://web.archive.org/web/20210105222205/https://whitecr0wz.github.io/assets/img/Findings6/18.gif). No specific patch or mitigation steps are outlined in the provided information.
A proof-of-concept exploit is publicly available on Exploit-DB, indicating potential for practical exploitation in environments running the affected Quick Player version downloadable from sources like CNET (https://download.cnet.com/quick-player/3000-2168_4-10871417.html). The CVE was published on 2026-01-30.
Details
- CWE(s)