Remote Code Execution Vulnerability in Microsoft ChakraCore Scripting Engine
CVE-2020-0823
7.5HIGH
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 12 March 2020
What is CVE-2020-0823?
A vulnerability exists in the ChakraCore scripting engine that could allow an attacker to execute arbitrary code in the context of the current user. The issue arises from improper handling of objects in memory, potentially enabling malicious actors to exploit this flaw via crafted scripts. Users are advised to update their Microsoft products which utilize ChakraCore to mitigate the risks associated with this vulnerability.
Affected Version(s)
ChakraCore = unspecified
Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems = unspecified
Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems = unspecified