CVE-2020-37066 – GoldWave Remote Code Execution Vulnerability

“A malicious audio file could silently trigger code execution and give attackers control of the system.”

This patch addresses a critical vulnerability (CVE-2020-37066) affecting GoldWave, a popular digital audio editing application. The issue exists in the way the application processes certain audio files, where improper memory handling can allow specially crafted files to trigger memory corruption during parsing.

An attacker can exploit this weakness by convincing a user to open a maliciously crafted audio file. When processed by the vulnerable application, the file can trigger remote code execution, allowing attackers to run arbitrary commands on the affected system with the privileges of the user. CVE-2020-37066 carries a CVSS v3.1 score of 9.8 (Critical).

Updates to GoldWave correct the memory handling flaw and strengthen validation of audio file data during processing. Systems running vulnerable versions remain exposed until the updated software is installed.

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.

CVE-2020-37066 – GoldWave Remote Code Execution Vulnerability

Stay Tuned

PLATFORM

SOLUTIONS

RESOURCES

COMPANY

LEGAL

CONTACTS

+1-346-444-8530

Toll Free: 833-444-8530

708 Main St, 10th FL, Houston, TX 77002