{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/atomic-alarm-clock/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.4,"id":"CVE-2020-37221"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Atomic Alarm Clock"],"_cs_severities":["high"],"_cs_tags":["cve-2020-37221","stack overflow","local privilege escalation"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eAtomic Alarm Clock 6.3 is vulnerable to a stack overflow (CVE-2020-37221). A local attacker can exploit this vulnerability by crafting a malicious string and supplying it to the display name textbox in the Time Zones Clock configuration. Successful exploitation allows arbitrary code execution with the privileges of the application. The attacker leverages a structured exception handling (SEH) overwrite and encoded shellcode to bypass SafeSEH protections. This vulnerability was reported on May 13, 2026, and poses a risk to systems running the affected software, potentially leading to unauthorized access and control.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker gains local access to a system with Atomic Alarm Clock 6.3 installed.\u003c/li\u003e\n\u003cli\u003eThe attacker opens the Atomic Alarm Clock application.\u003c/li\u003e\n\u003cli\u003eThe attacker navigates to the Time Zones Clock configuration.\u003c/li\u003e\n\u003cli\u003eThe attacker inputs a specially crafted, overly long string into the display name textbox. This string is designed to overflow the allocated buffer on the stack.\u003c/li\u003e\n\u003cli\u003eThe crafted string includes an SEH overwrite, redirecting exception handling to the attacker\u0026rsquo;s controlled memory space.\u003c/li\u003e\n\u003cli\u003eThe crafted string also contains encoded shellcode.\u003c/li\u003e\n\u003cli\u003eWhen the application attempts to handle the overflow, the SEH overwrite triggers, transferring control to the attacker\u0026rsquo;s shellcode.\u003c/li\u003e\n\u003cli\u003eThe shellcode executes, allowing the attacker to perform arbitrary commands with application privileges.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this stack overflow vulnerability allows a local attacker to execute arbitrary code with the privileges of the Atomic Alarm Clock application. This can lead to complete compromise of the affected system, allowing the attacker to install malware, steal sensitive data, or perform other malicious activities. Due to the nature of the vulnerability, systems where Atomic Alarm Clock 6.3 is installed are at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor process creation events for suspicious processes launched by Atomic Alarm Clock, using the \u0026ldquo;Atomic Alarm Clock Suspicious Process Creation\u0026rdquo; Sigma rule.\u003c/li\u003e\n\u003cli\u003eImplement application whitelisting to restrict the execution of unauthorized applications.\u003c/li\u003e\n\u003cli\u003eMonitor for registry changes made by Atomic Alarm Clock, which could indicate malicious activity or persistence.\u003c/li\u003e\n\u003cli\u003eUpgrade to a patched version of Atomic Alarm Clock if available; otherwise, consider uninstalling the vulnerable software.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-13T16:19:10Z","date_published":"2026-05-13T16:19:10Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2020-37221-atomic-alarm-clock-stack-overflow/","summary":"Atomic Alarm Clock 6.3 is vulnerable to a stack overflow, allowing local attackers to execute arbitrary code by supplying a malicious string to the display name textbox in the Time Zones Clock configuration (CVE-2020-37221).","title":"Atomic Alarm Clock 6.3 Stack Overflow Vulnerability (CVE-2020-37221)","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2020-37221-atomic-alarm-clock-stack-overflow/"}],"language":"en","title":"CraftedSignal Threat Feed — Atomic Alarm Clock","version":"https://jsonfeed.org/version/1.1"}