anonhaven
Ad

CVE-2020-37140

MEDIUM CVSS 4.0: 4.6 EPSS 0.01%
Updated Mar 27, 2026
Aida64
Parameter Value
CVSS 4.6 (MEDIUM)
Type CWE-787 (Out-of-bounds Write)
Vendor Aida64
Public PoC Yes

Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigger an application crash.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
Active
User action required

Impact Assessment

Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
Low
Partial disruption

CVSS Vector v4.0

Weakness Type (CWE)

CWE-787 Out-of-bounds Write

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Aida64 Aida64
cpe:2.3:a:aida64:aida64:5.50.2100:*:*:*:-:*:*:*

References 3

https://web.archive.org/web/20191223010612/https://www.aida64.com/
disclosure@vulncheck.com
https://www.exploit-db.com/exploits/48259
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/everest-open-file-denial-of-service
disclosure@vulncheck.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2019-25633

Aida64

8.6

CVE-2019-25631

Aida64

8.6

CVE-2019-25629

Aida64

8.6

CVE-2019-25360

Aida64

8.4