CVE-2020-37199 – NBMonitor 1.6.6.0 contains a buffer overflow vu... (How to Fix)

Q: What is the severity of CVE-2020-37199?

CVE-2020-37199 has a CVSS score of 7.5 (HIGH). NBMonitor 1.6.6.0 contains a buffer overflow vulnerability in its registration key input field that allows attackers to crash the application by pasting a 1000-character payload. This creates a denial of service condition where the monitoring software becomes unavailable. All users running NBMonitor 1.6.6.0 are affected.

📋 TL;DR

NBMonitor 1.6.6.0 contains a buffer overflow vulnerability in its registration key input field that allows attackers to crash the application by pasting a 1000-character payload. This creates a denial of service condition where the monitoring software becomes unavailable. All users running NBMonitor 1.6.6.0 are affected.

💻 Affected Systems

Products:

NBMonitor

Versions: 1.6.6.0

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in the default registration key input field of the application.

📦 What is this software?

Nbmonitor by Nsasoft

View all CVEs affecting Nbmonitor →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete application crash leading to loss of monitoring capabilities, potentially affecting business operations that rely on NBMonitor for system oversight.

🟠

Likely Case

Application becomes unresponsive and requires restart, causing temporary monitoring gaps until service is restored.

🟢

If Mitigated

Minimal impact with proper input validation and monitoring redundancy in place.

🌐 Internet-Facing: MEDIUM - Requires user interaction with the application interface, but could be exploited if application is exposed via remote access.

🏢 Internal Only: MEDIUM - Internal users with access to the application interface could intentionally or accidentally trigger the crash.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploit requires physical or remote access to the application interface to paste the payload into the key field.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://www.nsauditor.com/

Restart Required: No

Instructions:

Check vendor website for updated version. If available, download and install the patched version. No specific patch version is documented for this CVE.

🔧 Temporary Workarounds

Input Validation

windows

Implement input validation to restrict key field length to reasonable values

Application Isolation

windows

Run NBMonitor in isolated environment with limited user access

🧯 If You Can't Patch

Restrict physical and remote access to NBMonitor application interface
Implement redundant monitoring solutions to maintain visibility if NBMonitor crashes

🔍 How to Verify

Check if Vulnerable:

Check NBMonitor version in application Help > About menu. If version is 1.6.6.0, system is vulnerable.

Check Version:

Check Help > About menu in NBMonitor application

Verify Fix Applied:

Test by attempting to paste a 1000-character string into the registration key field. If application does not crash, fix is likely applied.

📡 Detection & Monitoring

Log Indicators:

Application crash logs
Unexpected NBMonitor termination events

Network Indicators:

Sudden cessation of monitoring traffic from NBMonitor host

SIEM Query:

EventID: 1000 OR EventID: 1001 Source: NBMonitor.exe

📊 Metadata

CVE ID: CVE-2020-37199

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-120

EPSS Score: 0.03% exploit probability (7.4th percentile)

Published: February 11, 2026

Last Updated: February 26, 2026

🔗 References

http://www.nsauditor.com/ Product
https://www.exploit-db.com/exploits/47866 Exploit,VDB Entry
https://www.vulncheck.com/advisories/nbmonitor-key-denial-of-service Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-37199, you might also want to check these: