Attacker Value
Unknown
(1 user assessed)
Exploitability
Unknown
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2020-0674: Internet Explorer Scripting Engine Memory Corruption Vulnerability

Last updated February 13, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A remote code execution vulnerability exists in some versions of Internet Explorer. An attacker who is able to convince a user to visit a malicious or compromised website may be able to execute code on the affected system, with the same permissions as the user.

The vulnerability affects IE 9 on Windows Server 2008, IE 10 on Windows Server 2012, and IE 11 on all other supported versions of Windows.

Add Assessment

2
Technical Analysis

An Edge vuln might be more valuable, but plenty of people still use IE. Last I heard, there was no known PoC. Perhaps only Google and Qihoo 360 have seen these “attacks in the wild.”

General Information

Additional Info

Technical Analysis