CVE-2020-37159
Buffer Overflow in Parallaxis Cuckoo Clock Enables Remote Code Execution
Publication date: 2026-02-07
Last updated on: 2026-02-07
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| parallaxis | cuckoo_clock | up to and including 5.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2020-37159 is a critical stack-based buffer overflow vulnerability in Parallaxis Cuckoo Clock version 5.0. It occurs in the alarm scheduling feature, where an attacker can supply input exceeding 260 bytes. Because the input is written into a fixed-size stack buffer without a length check, the excess overwrites the saved frame pointer (EBP) and the saved return address (EIP) on the stack, allowing the attacker to redirect execution and run arbitrary code.
The exploit involves crafting a buffer that overwrites EBP at 256 bytes and EIP at 260 bytes, enabling shellcode execution. The vulnerability arises because the application lacks modern exploit mitigations such as ASLR, rebasing, and SafeSEH in a critical DLL, making it easier to predict memory layout and successfully execute injected code.
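The bug class described above (CWE-121) comes down to one pattern: an unbounded copy into a fixed-size local array. The following is an added illustration, not Parallaxis code and not the exploit from the advisory; the buffer size of 256 bytes is an assumption chosen to match the offsets quoted above, and the function names are hypothetical. It shows the unsafe copy beside a hardened setter that rejects oversized input before anything is written to the stack.

```c
/* Added illustration of CWE-121 (stack-based buffer overflow), not code from
 * Parallaxis Cuckoo Clock. ALARM_NAME_MAX is an assumed size matching the
 * 256-byte EBP offset reported for CVE-2020-37159. Function names are hypothetical. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ALARM_NAME_MAX 256

/* Vulnerable pattern: strcpy has no idea how large buf is. A name longer
 * than 255 bytes runs past buf into the saved EBP and return address.
 * Shown for contrast only; never call it with untrusted input. */
static void set_alarm_name_unsafe(const char *name)
{
    char buf[ALARM_NAME_MAX];
    strcpy(buf, name);
    printf("alarm set: %s\n", buf);
}

/* Hardened setter: measure the input against the destination size first and
 * reject (rather than silently truncate) anything that does not fit with its
 * terminator. Returns true when the name was accepted and copied. */
static bool set_alarm_name_safe(const char *name, char *out, size_t out_len)
{
    if (name == NULL || out == NULL || out_len == 0)
        return false;

    /* Bounded scan: stop at out_len so an unterminated input cannot overread. */
    size_t n = 0;
    while (n < out_len && name[n] != '\0')
        n++;

    if (n == out_len)          /* no room for the NUL terminator: reject */
        return false;

    memcpy(out, name, n + 1);  /* n bytes plus terminator, all within out_len */
    return true;
}

/* Test helper: does the hardened setter accept a name of exactly `len` bytes?
 * Builds a constructed input of 'A's; used to check the boundary behaviour. */
static bool accepts_name_of_length(size_t len)
{
    char *name = malloc(len + 1);
    if (name == NULL)
        return false;
    memset(name, 'A', len);
    name[len] = '\0';

    char out[ALARM_NAME_MAX];
    bool ok = set_alarm_name_safe(name, out, sizeof out);
    free(name);
    return ok;
}

int main(void)
{
    /* Constructed sample inputs: one that fits, one that would have overflowed. */
    printf("255-byte name accepted: %s\n", accepts_name_of_length(255) ? "yes" : "no");
    printf("300-byte name accepted: %s\n", accepts_name_of_length(300) ? "yes" : "no");

    /* Only the safe path is exercised with data of a controlled size. */
    set_alarm_name_unsafe("07:00 wake up");
    return 0;
}
```

The length check is the fix for the root cause; the mitigations the advisory says are missing (ASLR, rebasing, SafeSEH) only make a remaining overflow harder to turn into code execution. On MSVC that means building every module with `/GS`, `/DYNAMICBASE` and `/SAFESEH`, and on GCC or Clang with `-fstack-protector-strong` and `-fPIE`, in addition to, not instead of, bounds checking the input.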
How can this vulnerability impact me?
This vulnerability allows an attacker to execute arbitrary code on the affected system by exploiting the buffer overflow in the alarm scheduling feature. Successful exploitation can lead to remote code execution, enabling the attacker to run malicious programs, potentially compromising system confidentiality, integrity, and availability.
Because the exploit can be triggered locally with low complexity and no privileges required, but user interaction is needed, it poses a significant risk. An attacker could, for example, execute shellcode to launch unauthorized applications or gain control over the system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking whether Parallaxis Cuckoo Clock version 5.0 is installed and by testing the alarm scheduling feature for buffer overflow behavior.
A practical detection method involves entering a crafted payload exceeding 260 bytes into the "New Alarm" textbox within the application to see whether it causes abnormal behavior or crashes, indicating the presence of the vulnerability.
No specific network commands are applicable, since the attack vector is local.
For system-level detection, you can run the application and manually test the alarm feature by pasting a crafted payload similar to the one described in the exploit, or use the Python script provided with the exploit to generate a test payload. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Avoid using the alarm scheduling feature in Parallaxis Cuckoo Clock version 5.0 until a patch or update is available.
- Restrict access to the application to trusted users only, since the attack requires local user interaction.
- Monitor for any abnormal application behavior or crashes related to the alarm feature.
- Apply any official patches or updates from the vendor once released.
- Consider removing or uninstalling the vulnerable version if immediate patching is not possible.