CVE-2020-37070
Published: 03 February 2026
Summary
CVE-2020-37070 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in CloudMe (inferred from references). Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 36.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SC-7 (Boundary Protection).
Deeper analysis
CVE-2020-37070 is a buffer overflow vulnerability (CWE-120) affecting CloudMe version 1.11.2. The vulnerability resides in the CloudMe service, which listens on TCP port 8888, and can be triggered by specially crafted network packets sent to this service, resulting in remote code execution.
The vulnerability has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating it is exploitable remotely over the network with low complexity and requires no privileges or user interaction. Any unauthenticated remote attacker can send a malicious payload to the affected service on port 8888 to achieve arbitrary code execution on the target system.
Advisories and exploit details are documented in references including a VulnCheck advisory at https://www.vulncheck.com/advisories/cloudme-buffer-overflow-sehdepaslr and a public proof-of-concept exploit at https://www.exploit-db.com/exploits/48499. The vendor site is available at https://www.cloudme.com/en; no specific patch or mitigation details are provided in the CVE description.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-31010
Vulnerability details
CloudMe 1.11.2 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code through crafted network packets. Attackers can exploit the vulnerability by sending a specially crafted payload to the CloudMe service running on port 8888, enabling remote code execution.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in CloudMe service (TCP/8888) enables remote unauthenticated RCE, directly facilitating T1190: Exploit Public-Facing Application.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly remediates the buffer overflow vulnerability in CloudMe 1.11.2 by identifying, reporting, and applying patches or upgrades.
Prevents remote code execution by monitoring and controlling network communications to the vulnerable CloudMe service on TCP port 8888.
Mitigates exposure by configuring the system to provide only essential capabilities, such as disabling or restricting the unnecessary CloudMe service.