CVE-2020-37085

7.5 HIGH

📋 TL;DR

CVE-2020-37085 is a denial-of-service vulnerability in VirtualTablet Server 3.0.2 where attackers can crash the service by sending oversized string payloads over the Thrift protocol. This affects anyone running VirtualTablet Server 3.0.2, potentially disrupting tablet functionality for users.

💻 Affected Systems

Products:
  • VirtualTablet Server
Versions: 3.0.2
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of VirtualTablet Server 3.0.2 are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service outage making VirtualTablet Server unavailable to all users, requiring a manual restart of the service.

🟠 Likely Case

Service becomes unresponsive, disrupting tablet connectivity and functionality until the service is restarted.

🟢 If Mitigated

Minimal impact with proper network segmentation and monitoring in place to detect and block attack attempts.

🌐 Internet-Facing: HIGH - The service listens on network ports and can be targeted remotely without authentication.
🏢 Internal Only: MEDIUM - Internal attackers could disrupt service availability for legitimate users.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code is available on Exploit-DB (ID 48402), making exploitation trivial for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://www.sunnysidesoft.com/

Restart Required: No

Instructions:

No official patch available. Check vendor website for updates or consider alternative solutions.

🔧 Temporary Workarounds

Network Segmentation (platforms: all)

Restrict network access to VirtualTablet Server to trusted hosts only.

Use firewall rules to limit access to the VirtualTablet Server port (default 2345).

Service Monitoring and Restart (platforms: all)

Implement monitoring to detect service crashes and restart the service automatically.

Create a service monitoring script, or use systemd / Windows Service recovery options.

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach the VirtualTablet Server
  • Deploy intrusion detection systems to monitor for oversized Thrift protocol payloads

🔍 How to Verify

Check if Vulnerable:

Check whether the host is running VirtualTablet Server version 3.0.2. If the version matches, the system is vulnerable.

Check Version:

Check application interface or installation directory for version information

Verify Fix Applied:

No official fix available. Consider upgrading if vendor releases patched version.

📡 Detection & Monitoring

Log Indicators:

  • Service crash logs
  • Unexpected termination of VirtualTablet Server process

Network Indicators:

  • Large Thrift protocol payloads to port 2345
  • Multiple connection attempts with oversized strings

SIEM Query:

dest_port:2345 AND protocol:thrift AND payload_size > 1000

(The service listens on 2345, so inbound attack traffic carries it as the destination port; requiring both conditions avoids alerting on every ordinary Thrift message. Field names depend on your SIEM schema.)
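The network indicators and the IDS workaround above both come down to one check: does a Thrift message declare a string length that is implausibly large, or larger than the bytes that actually follow it? The inspector below is an added example for this page, not code from the vendor or from the public PoC. It assumes the server speaks Thrift's strict TBinaryProtocol without a framed-transport length prefix, uses the advisory's 1000-byte figure as the threshold, and feeds itself constructed sample messages (the method name `registerTablet` is invented for the samples). It never opens a socket; it only classifies bytes you already captured.

```python
import struct

THRIFT_STOP = 0
THRIFT_STRING = 11
# Byte widths of the scalar field types the walker can step over.
FIXED_WIDTH = {2: 1, 3: 1, 4: 8, 6: 2, 8: 4, 10: 8}
# Assumed threshold, taken from the advisory's "payload_size > 1000" indicator.
MAX_STRING_LEN = 1000
MAX_METHOD_LEN = 256  # assumed sane upper bound for an RPC method name


def build_call(method: str, args: list[tuple[int, bytes]], seqid: int = 1) -> bytes:
    """Encode a strict TBinaryProtocol CALL whose arguments are string fields.
    Only used here to construct sample captures for the inspector."""
    out = struct.pack(">I", 0x80010000 | 1)              # version word + CALL
    out += struct.pack(">i", len(method)) + method.encode()
    out += struct.pack(">i", seqid)
    for field_id, value in args:
        out += struct.pack(">bhi", THRIFT_STRING, field_id, len(value)) + value
    return out + struct.pack(">b", THRIFT_STOP)


def inspect_thrift_message(buf: bytes, max_len: int = MAX_STRING_LEN) -> dict:
    """Walk the top-level fields of one TBinaryProtocol message and report every
    string whose declared length exceeds max_len or overruns the captured bytes.
    Returns {"ok": bool, "method": str | None, "findings": [...], ...}."""
    pos = 0
    findings = []

    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(buf):
            raise ValueError(f"truncated at offset {pos}, need {n} bytes")
        chunk = buf[pos:pos + n]
        pos += n
        return chunk

    try:
        version = struct.unpack(">I", take(4))[0]
        if version & 0xFFFF0000 != 0x80010000:
            return {"ok": False, "method": None, "findings": [],
                    "reason": "not a strict TBinaryProtocol message"}
        name_len = struct.unpack(">i", take(4))[0]
        if name_len < 0 or name_len > MAX_METHOD_LEN:
            findings.append({"field": "method_name", "declared_len": name_len,
                             "remaining": len(buf) - pos})
            return {"ok": True, "method": None, "findings": findings}
        method = take(name_len).decode("utf-8", "replace")
        take(4)  # sequence id, not needed for the check

        while True:
            ftype = struct.unpack(">b", take(1))[0]
            if ftype == THRIFT_STOP:
                break
            field_id = struct.unpack(">h", take(2))[0]
            if ftype == THRIFT_STRING:
                declared = struct.unpack(">i", take(4))[0]
                remaining = len(buf) - pos
                if declared < 0 or declared > max_len or declared > remaining:
                    findings.append({"field": field_id, "declared_len": declared,
                                     "remaining": remaining})
                    break  # the rest of the stream cannot be trusted
                pos += declared
            elif ftype in FIXED_WIDTH:
                take(FIXED_WIDTH[ftype])
            else:
                # Nested struct/list/map: stop rather than guess at the layout.
                return {"ok": True, "method": method, "findings": findings,
                        "note": f"stopped at unsupported field type {ftype}"}
    except ValueError as exc:
        return {"ok": False, "method": None, "findings": findings, "reason": str(exc)}
    return {"ok": True, "method": method, "findings": findings}


def is_suspicious(buf: bytes) -> bool:
    """Yes/no verdict suitable for an IDS hook or a SIEM enrichment step."""
    return bool(inspect_thrift_message(buf)["findings"])


if __name__ == "__main__":
    # Constructed samples: a normal call, and a capture cut off mid-string.
    normal = build_call("registerTablet", [(1, b"tablet-01"), (2, b"1.0")])
    cut_off = build_call("registerTablet", [(1, b"A" * 5000)])[:200]
    for label, sample in (("normal", normal), ("cut_off", cut_off)):
        print(label, inspect_thrift_message(sample))
```

A truncated capture is reported as well as an oversized one because the walker compares the declared length against the bytes that remain; if the server sits behind Thrift's framed transport, strip the 4-byte frame length before calling `inspect_thrift_message`, and tune `MAX_STRING_LEN` to the longest string the real client legitimately sends.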
