CVE-2020-37124
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2026-02-05

Last updated on: 2026-02-05

Assigner: VulnCheck

Description
B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during base64 decoding process.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-05
Last Modified
2026-02-05
Generated
2026-06-16
AI Q&A
2026-02-05
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37124
EUVD
EUVD-2020-31044
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2020-37124 is a buffer overflow vulnerability in B64dec version 1.1.2, a Base64 decoder application for Windows. This vulnerability allows attackers to execute arbitrary code by overwriting the Structured Exception Handler (SEH) with specially crafted input during the Base64 decoding process.

Attackers can use an egghunter technique combined with a carefully constructed payload to inject and execute malicious code locally. The exploit involves creating a malicious input file that triggers the buffer overflow and SEH overwrite, enabling execution of shellcode such as launching the Windows calculator (calc.exe).

Impact Analysis

This vulnerability can lead to arbitrary code execution on a system running the vulnerable B64dec 1.1.2 application. An attacker who can supply crafted Base64 encoded input can exploit the buffer overflow to run malicious code with the privileges of the user running the application.

Potential impacts include local privilege escalation, unauthorized system access, execution of malware, or other malicious activities depending on the payload delivered by the attacker.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by creating and using a specially crafted input file that triggers the buffer overflow in B64dec 1.1.2 during the Base64 decoding process.'}, {'type': 'paragraph', 'content': 'A known method involves generating a payload file (e.g., "crash.txt") containing a crafted buffer with specific padding, shellcode, NOP sleds, an egghunter, and SEH overwrite values. When this file is decoded by the vulnerable B64dec application, it triggers the overflow.'}, {'type': 'paragraph', 'content': 'The vulnerable program can be run from the command line using syntax similar to: b64dec "crash.txt"'}, {'type': 'paragraph', 'content': 'Detection commands or steps include:'}, {'type': 'list_item', 'content': 'Prepare the crafted input file (e.g., crash.txt) with the exploit buffer.'}, {'type': 'list_item', 'content': 'Run the vulnerable B64dec executable with the crafted file as input: b64dec "crash.txt"'}, {'type': 'list_item', 'content': 'Observe if the application crashes or executes unintended code (e.g., launches calc.exe), indicating the presence of the vulnerability.'}] [2]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37124. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart