CVE-2017-8548
published 2017-06-15

Priority: P267 · high · 7.5 (CVSS 3.0)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 67.59% (99.2th percentile)
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8549.

Affected

10 ranges
Vendor | Product | Version range | Fixed in
microsoft_corporation | microsoft_edge | |
msrc | microsoft_edge_on_windows_10_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1511_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1511_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1607_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1607_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_server_2016 | |

Detection & IOCs (extracted from sources)

  • The PoC triggers the vulnerability by using a Uint32Array of size 0 combined with a TypedArray setter to cause incorrect JIT optimization in Chakra, leading to memory corruption. Monitor for JavaScript patterns using 'new Uint32Array(0)' alongside typed array setter abuse and Object.defineProperty with getter/setter on arrays.
  • The exploit uses a 'use strict' directive combined with a JIT-optimized function that is called repeatedly (~10000 iterations) to trigger the incorrect optimization path in Microsoft Edge's Chakra engine.
  • Attack vector is web-based: attacker hosts a specially crafted website or embeds an ActiveX control marked 'safe for initialization' to exploit the vulnerability through Microsoft browsers. Monitor for drive-by download scenarios targeting Microsoft Edge/IE scripting engine.
  • Exploit status at time of patching was 'Publicly Disclosed: No; Exploited: No' but rated 'Exploitation More Likely' for the latest software release, meaning in-the-wild exploitation had not been confirmed but was considered probable.
  • The vulnerability affects the Microsoft Scripting Engine (Chakra JIT) in Microsoft Edge. The PoC specifically notes that changing Uint32Array size from 100 to 0 is the key trigger condition.

CVSS provenance

nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.6 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_msrc | | 4.2 | MEDIUM |