Description
TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and overwrite the instruction pointer with malicious addresses.
Published: 2026-03-28
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary code execution via local buffer overflow
Action: Patch immediately
AI Analysis

Impact

The vulnerability is a stack‑based buffer overflow in TiEmu’s ROM parameter handling. A local attacker can supply an oversized ROM parameter through the command‑line interface, overflowing the stack buffer and overwriting the instruction pointer. This can cause a crash or lead to arbitrary code execution.

Affected Systems

The affected product is TiEmu 3.03‑nogdb+dfsg‑3, a Texas Instrument Emulator released by the ticalc community. No other versions are listed, so only this specific build is vulnerable.

Risk and Exploitability

The CVSS score of 8.6 indicates high severity, and the vulnerability is not listed in the CISA KEV catalog. EPSS data is unavailable. The exploit is local, requiring access to the command line, but it can result in arbitrary code execution or denial of service, posing a substantial risk if used in shared or untrusted environments.

Generated by OpenCVE AI on March 28, 2026 at 13:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade TiEmu to the latest patched version available from the official website.

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 23:45:00 +0000

Values added:

  • Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 30 Mar 2026 07:15:00 +0000

Values added:

  • First Time appeared: Ticalc; Ticalc texas Instrument Emulator
  • Vendors & Products: Ticalc; Ticalc texas Instrument Emulator

Sat, 28 Mar 2026 12:15:00 +0000

Values added:

  • Description: TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and overwrite the instruction pointer with malicious addresses.
  • Title: TiEmu 3.03-nogdb+dfsg-3 Buffer Overflow via ROM Parameter
  • Weaknesses: CWE-22
  • References:
  • Metrics: cvssV3_1 {'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
  • Metrics: cvssV4_0 {'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-01T13:56:34.739Z

Reserved: 2026-03-28T11:32:42.741Z

Link: CVE-2016-20040

Vulnrichment

Updated: 2026-04-01T13:56:28.867Z

NVD

Status: Deferred

Published: 2026-03-28T12:15:59.670

Modified: 2026-05-01T15:21:32.393

Link: CVE-2016-20040

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-30T06:59:25Z