CVE-2020-37124
Published: 05 February 2026
Summary
CVE-2020-37124 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in 4Mhz (inferred from references). Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 27.1 percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2020-37124 is a buffer overflow vulnerability (CWE-121) affecting B64dec version 1.1.2. The flaw occurs during the base64 decoding process, where crafted input overwrites the Structured Exception Handler (SEH), enabling attackers to leverage an egg hunter technique and a carefully constructed payload to execute arbitrary code.
The vulnerability is exploitable by remote attackers over the network (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N) or user interaction (UI:N), and resulting in unchanged scope (S:U) with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), as scored at 9.8 under CVSS v3.1. Successful exploitation allows arbitrary code execution on the target system processing the malicious base64 input.
Advisories and references include the B64dec homepage at http://4mhz.de/b64dec.html, a proof-of-concept exploit published on Exploit-DB at https://www.exploit-db.com/exploits/48317, and a VulnCheck advisory detailing the buffer overflow and SEH overwrite with egg hunter at https://www.vulncheck.com/advisories/bdec-buffer-overflow-seh-overflow-egg-hunter. No patches or specific mitigations are mentioned in the available information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-31044
Vulnerability details
B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and a carefully constructed payload to inject and execute malicious code during the base64 decoding process.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote buffer overflow with SEH overwrite directly enables unauthenticated RCE against a network-exposed decoder utility (T1190).
Mitigating Controls (NIST 800-53 r5)
Implements memory protections like non-executable stacks, ASLR, and stack canaries to block arbitrary code execution via SEH overwrite and egg hunter techniques in buffer overflows.
Validates base64 decoding inputs to reject crafted payloads that trigger the buffer overflow vulnerability during the decoding process.
Requires identification, reporting, and remediation of flaws like CVE-2020-37124 through patching, updating, or replacing the vulnerable B64dec 1.1.2 software.