CVE-2020-37159 HIGH

CVE-2020-37159: Cuckoo Clock 5.0 - Buffer Overflow

Vendor Parallaxis
Product Cuckoo Clock
Weakness CWE-121
Published February 6, 2026
Last update February 17, 2026

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory registers in the alarm scheduling feature. Attackers can craft a malicious payload exceeding 260 bytes to overwrite EIP and EBP, enabling shellcode execution with potential remote code execution.

Key dates

02Disclosure timeline

February 6, 2026 CVE published
February 17, 2026 Record updated