Buffer Overflow Vulnerability in Easy CD & DVD Cover Creator by Easy Software
CVE-2020-36940

5.1MEDIUM

Key Information:

Vendor: Tucows
Status: Easy Cd & Dvd Cover Creator
Vendor: CVE Published:; 27 January 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2020-36940?

Easy CD & DVD Cover Creator version 4.13 is susceptible to a buffer overflow vulnerability in the serial number input field. This flaw allows attackers to craft a malicious 6000-byte payload that, when inserted into the serial number field, can lead to an application crash. This type of vulnerability can create a denial of service scenario, disrupting the normal operation of the software and potentially impacting user productivity.

Affected Version(s)

Easy CD & DVD Cover Creator 4.13

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2020-36940 - Proof of Concept

References

https://www.exploit-db.com/exploits/49337

exploit

https://www.vulncheck.com/advisories/easy-cd-dvd-cover-cr...

third-party-advisory

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jan 27, 2026
👾
Exploit known to exist
Jan 27, 2026
Vulnerability published
Jan 27, 2026
Vulnerability Reserved
Jan 25, 2026

Credit

Achilles

CVE-2020-36940 Data

JSON

Tucows

Badges

What is CVE-2020-36940?

Affected Version(s)

Exploit Proof of Concept (PoC)

References

CVSS V4

Timeline

Credit