Remote Code Execution Vulnerability in Microsoft Browsers
CVE-2017-0131
7.5HIGH
What is CVE-2017-0131?
A vulnerability exists within Microsoft scripting engines in the way they handle objects in memory, potentially allowing an attacker to execute arbitrary code in the context of the current user. If exploited, this could provide the attacker with the same user rights as the individual currently logged in. This poses significant risks, especially if the user has administrative privileges. An attacker can take complete control of the affected system, enabling them to install unauthorized software, manipulate or delete files, and create new user accounts with elevated rights.
Affected Version(s)
Browser Browser
References
EPSS Score
16% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved