Attacker Value

High

Internet Explorer RCE through scripting engine memory corruption (IE 9, 10, 11)

Attacker Value

High

(2 users assessed)

Exploitability

Unknown

(2 users assessed)

User Interaction

Internet Explorer RCE through scripting engine memory corruption (IE 9, 10, 11)

Disclosure Date: November 12, 2019 •

CVE-2019-1429 CVSS v3 Base Score: 7.5

Exploited in the Wild

Reported by gwillcox-r7

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.

Add Assessment

busterb (314)

November 19, 2019 11:25pm UTC (1 year ago)

Ratings

Attacker Value

High

Technical Analysis

Since this is being exploited in the wild, and affects a wide range of Internet Explorer versions, it looks like it will have some longterm success in targeted phishing and malvertizing campaigns. IE might be down to just 2% of usage, but it’s the only option out of the box on most WIndows Server versions, so it’s at least easy-ish to be running a vulnerable version until you can get patches applied or download a different browser first.

Probably only urgent to patch if you actually use it.

gwillcox-r7 (363)

November 22, 2020 2:54am UTC (2 months ago)

Technical Analysis

Reported as exploited in the wild as part of Google’s 2020 0day vulnerability spreadsheet they made available at https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1869060786. Original tweet announcing this spreadsheet with the 2020 findings can be found at https://twitter.com/maddiestone/status/1329837665378725888

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.5 High

Impact Score:

5.9

Exploitability Score:

1.6

Vector:

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

High

Privileges Required (PR):

None

User Interaction (UI):

Required

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

General Information

Offensive Application

exploit

Utility Class

rce

Ports

Unknown

Vulnerable Versions

Internet Explorer 9 Windows Server 2008 for 32-bit Systems Service Pack 2

Internet Explorer 9 Windows Server 2008 for x64-based Systems Service Pack 2

Internet Explorer 11 Windows 7 for 32-bit Systems Service Pack 1

Internet Explorer 11 Windows 7 for x64-based Systems Service Pack 1

Internet Explorer 11 Windows Server 2008 R2 for x64-based Systems Service Pack 1

Internet Explorer 11 Windows 8.1 for 32-bit systems

Internet Explorer 11 Windows 8.1 for x64-based systems

Internet Explorer 11 Windows Server 2012 R2

Internet Explorer 11 Windows RT 8.1

Internet Explorer 11 Windows 10 for 32-bit Systems

Internet Explorer 11 Windows 10 for x64-based Systems

Internet Explorer 11 Windows Server 2016

Internet Explorer 11 Windows 10 Version 1607 for 32-bit Systems

Internet Explorer 11 Windows 10 Version 1607 for x64-based Systems

Internet Explorer 11 Windows 10 Version 1709 for 32-bit Systems

Internet Explorer 11 Windows 10 Version 1709 for x64-based Systems

Internet Explorer 11 Windows 10 Version 1803 for 32-bit Systems

Internet Explorer 11 Windows 10 Version 1803 for x64-based Systems

Internet Explorer 11 Windows 10 Version 1803 for ARM64-based Systems

Internet Explorer 11 Windows 10 Version 1809 for 32-bit Systems

Internet Explorer 11 Windows 10 Version 1809 for x64-based Systems

Internet Explorer 11 Windows 10 Version 1809 for ARM64-based Systems

Internet Explorer 11 Windows Server 2019

Internet Explorer 11 Windows 10 Version 1709 for ARM64-based Systems

Internet Explorer 11 on Windows Server 2012

Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems

Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems

Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems

Internet Explorer 10 Windows Server 2012

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

Microsoft

Products

Internet Explorer 9,
Internet Explorer 11,
Internet Explorer 11 on Windows Server 2012,
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems,
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems,
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems,
Internet Explorer 10

References

Canonical

CVE-2019-1429 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1429)

Miscellaneous

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1429

http://packetstormsecurity.com/files/155433/Microsoft-Internet-Explorer-Use-After-Free.html

Rapid7

High