CVE-2020-37134
Denial of Service in UltraVNC Viewer via Malformed Payload
Publication date: 2026-02-05
Last updated on: 2026-02-05
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| uvnc | ultravnc_viewer | to 1.2.4.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2020-37134 is a denial of service vulnerability in UltraVNC Viewer version 1.2.4.0 and earlier. It occurs because the application improperly handles input from the VNC Server connection dialog, specifically by allocating resources without limits or throttling. An attacker can exploit this by generating a malformed 256-byte payload and pasting it into the VNC Server input field, which causes the UltraVNC Viewer application to crash.
How can this vulnerability impact me? :
This vulnerability can cause the UltraVNC Viewer application to crash, resulting in a denial of service condition. An attacker with local access and the ability to interact with the user interface can trigger this crash by pasting a specially crafted 256-byte payload into the VNC Server connection dialog. This disrupts the availability of the UltraVNC Viewer application, potentially interrupting remote desktop sessions.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the denial of service condition locally on systems running UltraVNC Viewer version 1.2.4.0 or earlier.'}, {'type': 'paragraph', 'content': 'A practical detection method involves creating a text file containing a 256-byte payload (for example, 256 repetitions of the character "A"), copying this payload to the clipboard, and then pasting it into the "VNC Server" input field of the UltraVNC Viewer application before attempting to connect.'}, {'type': 'paragraph', 'content': 'If the application crashes upon pasting this payload and attempting connection, the vulnerability is present.'}, {'type': 'paragraph', 'content': 'No specific network commands are applicable since the attack vector is local and requires user interaction.'}] [1, 2]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'Immediate mitigation steps include avoiding the use of UltraVNC Viewer version 1.2.4.0 or earlier until a patch or update is available.'}, {'type': 'paragraph', 'content': 'Do not paste or allow untrusted input into the "VNC Server" connection dialog, as this is the vector for triggering the denial of service.'}, {'type': 'paragraph', 'content': 'Consider restricting local user access to the UltraVNC Viewer application to prevent exploitation.'}, {'type': 'paragraph', 'content': 'Monitor for updates or patches from the vendor (https://www.uvnc.com/) and apply them as soon as they are released.'}] [1, 2]