CVE-2020-37195

7.5 HIGH

📋 TL;DR

BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration name input field that allows attackers to crash the application, causing a denial of service. Attackers can paste a 1000-character payload into the 'Name' field to trigger the crash. This affects all users of BlueAuditor 1.7.2.0.

💻 Affected Systems

Products:
  • BlueAuditor
Versions: 1.7.2.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the registration/name input field of the application interface.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete application crash and denial of service, disrupting Bluetooth auditing operations and potentially causing data loss if unsaved work exists.

🟠 Likely Case

Application crash requiring restart, temporary disruption of Bluetooth device auditing capabilities.

🟢 If Mitigated

Minimal impact if application is restarted quickly and no critical operations were interrupted.

🌐 Internet-Facing: LOW (BlueAuditor is typically a desktop application not directly internet-exposed)
🏢 Internal Only: MEDIUM (Requires local access or social engineering to exploit, but could disrupt legitimate auditing operations)

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires user interaction to paste payload into the name field. Proof of concept available on Exploit-DB.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://www.nsauditor.com/

Restart Required: No

Instructions:

No official patch available. Check vendor website for updates or consider alternative software.

🔧 Temporary Workarounds

Input Validation Restriction (Windows)

Manually restrict input length in the name field, or avoid entering suspiciously long names.

Application Sandboxing (Windows)

Run BlueAuditor in a sandboxed environment to limit the impact of crashes.

🧯 If You Can't Patch

  • Restrict application access to trusted users only
  • Monitor for application crashes and investigate any suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check BlueAuditor version in Help > About menu. If version is 1.7.2.0, it is vulnerable.

Check Version:

Check via application interface: Help > About

Verify Fix Applied:

No fix available to verify. Consider testing with safe payloads to confirm vulnerability.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs
  • Windows Event Viewer application error events for BlueAuditor

Network Indicators:

  • No network indicators (local exploit)

SIEM Query:

((EventID=1000 AND SourceName='Application Error') OR (EventID=1001 AND SourceName='Windows Error Reporting')) AND ProcessName='BlueAuditor.exe'
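
On a single Windows host without a SIEM, the same crash events can be pulled straight from the Application log. This is an added example, not part of the original advisory or vendor material; the image name BlueAuditor.exe is taken from the query above, and the 7-day look-back window is an assumption chosen for illustration.

```powershell
# Added example: list recent crash events that mention BlueAuditor.exe.
# Assumptions: faulting image name is BlueAuditor.exe; look-back window is 7 days.
$image = 'BlueAuditor.exe'
$since = (Get-Date).AddDays(-7)

# Event 1000 is logged by 'Application Error', event 1001 by 'Windows Error Reporting'.
$filter = @{
    LogName      = 'Application'
    ProviderName = 'Application Error', 'Windows Error Reporting'
    Id           = 1000, 1001
    StartTime    = $since
}

# Get-WinEvent raises a non-terminating error when nothing matches, so suppress it.
$events = @(
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -like "*$image*" }
)

if ($events.Count -eq 0) {
    Write-Output "No crash events mentioning $image since $since."
}
else {
    # One line per event: when, which event ID, which host, first line of the message.
    $events |
        Sort-Object TimeCreated -Descending |
        Select-Object TimeCreated, Id, ProviderName, MachineName,
            @{ Name = 'Summary'; Expression = { ($_.Message -split '\r?\n')[0] } } |
        Format-Table -AutoSize -Wrap

    # Crashes per day: a cluster of crashes on one day deserves a closer look.
    $events |
        Group-Object -Property { $_.TimeCreated.ToString('yyyy-MM-dd') } |
        Sort-Object Name |
        Select-Object Name, Count |
        Format-Table -AutoSize
}
```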
