CVE-2023-54330

CriticalPublic PoC

Published: 13 January 2026

Published

13 January 2026

Modified

30 January 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0038 59.4th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets. Attackers can craft a specially designed payload targeting the messenger's network handler to overwrite…

the Structured Exception Handler (SEH) and execute shellcode on vulnerable Windows systems.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly enforces bounds checking and validation of incoming network packets to prevent the stack-based buffer overflow from malformed data.

SI-16 Memory Protection good match

prevent

Provides memory safeguards such as DEP and ASLR to block SEH overwrite and arbitrary code execution even if overflow occurs.

SI-2 Flaw Remediation good match

prevent

Requires identification, reporting, and correction of the specific buffer overflow flaw, including applying vendor patches when available.

Security SummaryAI

CVE-2023-54330 is a remote stack-based buffer overflow vulnerability (CWE-121, CWE-787) affecting Inbit Messenger versions 4.6.0 through 4.9.0. The flaw resides in the messenger's network handler on vulnerable Windows systems, where insufficient bounds checking on incoming network packets leads to a buffer overflow. This critical issue, assigned a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), was published on 2026-01-13.

Unauthenticated attackers can exploit this vulnerability remotely by crafting and sending specially designed malformed network packets. The payload targets the stack to overwrite the Structured Exception Handler (SEH), enabling arbitrary code execution and shellcode deployment on the affected system. No user interaction or privileges are required, making it highly accessible over the network.

Advisories and resources, including those from Vulncheck and public exploit writeups on Exploit-DB (exploit 51126) and GitHub repositories by a-rey, detail the vulnerability and provide proof-of-concept exploits. An archived review of Inbit Messenger Basic Edition is also referenced, though specific patch availability or mitigation steps are not outlined in the core CVE details. Security practitioners should consult these references for technical deep dives and exploit reproductions.

Details

CWE(s): CWE-121 CWE-787

Affected Products

inbit

inbit messenger

4.6.0 — 4.9.0

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE-2023-54330 is a remote, unauthenticated buffer overflow in a network-facing messenger application, enabling arbitrary code execution, which directly maps to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://github.com/a-rey/exploits/blob/main/writeups/Inbit_Messenger/v4.6.0/writeup.md
Exploit, Third Party Advisory · disclosure@vulncheck.com
https://web.archive.org/web/20200122082432/https://www.softsea.com/review/Inbit-Messenger-Basic-Edition.html
Product · disclosure@vulncheck.com
https://www.exploit-db.com/exploits/51126
Exploit, Third Party Advisory · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/inbit-messenger-unauthenticated-remote-seh-overflow
Third Party Advisory · disclosure@vulncheck.com
https://github.com/a-rey/exploits/blob/main/writeups/Inbit_Messenger/v4.6.0/writeup.md
Exploit, Third Party Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0