CVE-2020-13545

7.8 HIGH

📋 TL;DR

This vulnerability allows remote code execution through a heap-based buffer overflow when parsing malicious TextMaker documents in SoftMaker Office 2021. Attackers can exploit this by tricking users into opening specially crafted documents, potentially gaining control of the affected system. Users of the SoftMaker Office 2021 TextMaker application are affected.

💻 Affected Systems

Products:
  • SoftMaker Office 2021 TextMaker
Versions: 2021 versions prior to the security patch
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable by default when opening documents.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining complete control over the victim's computer, enabling data theft, ransomware deployment, or persistent backdoor installation.

🟠 Likely Case

Arbitrary code execution with the privileges of the user opening the document, leading to data exfiltration, credential theft, or lateral movement within the network.

🟢 If Mitigated

Application crash or denial of service if exploit fails or memory protections prevent full code execution.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious document but no authentication. The vulnerability is well-documented with technical details available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: SoftMaker Office 2021 with security update addressing CVE-2020-13545

Vendor Advisory: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1162

Restart Required: Yes

Instructions:

1. Open SoftMaker Office 2021.
2. Navigate to Help > Check for Updates.
3. Install all available updates.
4. Restart the application.
5. Verify the patch is applied by checking version information.

🔧 Temporary Workarounds

Disable document preview and auto-open

Platforms: all

Prevent automatic parsing of documents by disabling preview features and requiring explicit user action to open files.

Use application sandboxing

Platforms: all

Run TextMaker in a sandboxed environment to limit potential damage from exploitation.

🧯 If You Can't Patch

  • Block TextMaker document files (.tmd, .tmv) at the network perimeter and email gateways
  • Implement application whitelisting to prevent execution of unauthorized code

🔍 How to Verify

Check if Vulnerable:

Check the SoftMaker Office version in Help > About. If the version is 2021 without the security patch, the system is vulnerable.

Check Version:

On Windows: Check Help > About in TextMaker. On Linux/macOS: Check application properties or about dialog.

Verify Fix Applied:

Verify the application version shows the patched version and test with known safe documents to ensure normal functionality.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with memory access violations
  • Unexpected process termination of TextMaker
  • Unusual document parsing errors

Network Indicators:

  • Downloads of TextMaker documents from untrusted sources
  • Email attachments with .tmd/.tmv extensions

SIEM Query:

(Process:TextMaker.exe AND (EventID:1000 OR ExceptionCode:c0000005)) OR (FileExtension:(.tmd OR .tmv) AND SourceIP:(external_network))
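
The query above, worked through as an added Python example (not part of the original advisory or of any vendor tooling): it evaluates the two clauses over constructed, already-normalized events, then goes one step further and correlates an external .tmd/.tmv delivery with a later TextMaker crash on the same host. The field names, host names and the 30-minute window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed, already-normalized events; the field names are assumptions,
# not a real SIEM schema.
SAMPLE_EVENTS = [
    {"ts": "2021-01-12T09:14:03", "host": "ws-17", "file_ext": ".tmd", "source": "external"},
    {"ts": "2021-01-12T09:16:40", "host": "ws-17", "process": "TextMaker.exe",
     "event_id": 1000, "exception_code": "c0000005"},
    {"ts": "2021-01-12T10:02:11", "host": "ws-22", "process": "TextMaker.exe",
     "event_id": 1000, "exception_code": "c0000409"},
    {"ts": "2021-01-12T11:30:00", "host": "ws-30", "file_ext": ".tmv", "source": "internal"},
    {"ts": "2021-01-12T12:00:00", "host": "ws-41", "process": "winword.exe",
     "event_id": 1000, "exception_code": "c0000005"},
]

def classify(ev):
    """Return 'crash', 'delivery' or None, one label per clause of the query."""
    is_textmaker = ev.get("process", "").lower() == "textmaker.exe"
    if is_textmaker and (ev.get("event_id") == 1000
                         or ev.get("exception_code", "").lower() == "c0000005"):
        return "crash"
    if ev.get("file_ext", "").lower() in {".tmd", ".tmv"} and ev.get("source") == "external":
        return "delivery"
    return None

def correlate(events, window=timedelta(minutes=30)):
    """Hosts where an external .tmd/.tmv delivery precedes a TextMaker crash."""
    last_delivery, hits = {}, []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts, kind = datetime.fromisoformat(ev["ts"]), classify(ev)
        if kind == "delivery":
            last_delivery[ev["host"]] = ts
        elif kind == "crash":
            seen = last_delivery.get(ev["host"])
            if seen is not None and ts - seen <= window:
                hits.append(ev["host"])
    return hits

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["ts"], ev["host"], classify(ev))
    print("correlated hosts:", correlate(SAMPLE_EVENTS))
```

A crash alone or a delivery alone matches the query; the correlated hit is the one to triage first, since it ties a document arriving from outside to a parser fault on the same workstation.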
