Remote Code Execution Vulnerability in Microsoft ChakraCore Scripting Engine
CVE-2020-0828
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 12 March 2020
What is CVE-2020-0828?
An issue has been identified within the ChakraCore scripting engine, which can lead to potential remote code execution by corrupting object memory handling. This vulnerability can be exploited when a user opens a specially crafted file or visits a malicious website designed to execute payloads through the scripting engine. As a result, attackers could gain the same user rights as the logged-in user, leading to unauthorized actions and system manipulation. Applying the latest security updates from Microsoft is crucial to mitigate this vulnerability.
Affected Version(s)
ChakraCore = unspecified
Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems = unspecified
Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems = unspecified