CVE-2024-54756

CRITICAL

GZDoom 4.13.1 - Remote Code Execution via Crafted PK3 ZScript File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-54756. PoCs published by Chainmanner.

AI-analyzed exploit summary This PoC demonstrates arbitrary code execution in GZDoom via ZScript by exploiting a huge array allocation vulnerability to bypass ASLR and leverage RWX memory regions for shellcode execution. The exploit chain involves arbitrary read/write primitives and function pointer manipulation.

Description

A remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1 allows attackers to execute arbitrary code via supplying a crafted PK3 file containing a malicious ZScript source file.

Exploits (1)

nomisec WORKING POC 12 stars
by Chainmanner · poc
https://github.com/Chainmanner/GZDoom-Arbitrary-Code-Execution-via-ZScript-PoC

This PoC demonstrates arbitrary code execution in GZDoom via ZScript by exploiting a huge array allocation vulnerability to bypass ASLR and leverage RWX memory regions for shellcode execution. The exploit chain involves arbitrary read/write primitives and function pointer manipulation.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: GZDoom <= 4.13.1
No auth needed
Prerequisites: Victim must load a malicious PK3 file containing the ZScript exploit
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 9.8
EPSS 0.0267
EPSS Percentile 83.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-94
Status published
Published Feb 20, 2025
Tracked Since Feb 18, 2026