CVE-2017-8640
published 2017-08-08

CVE-2017-8640: Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user…

Priority: P269 · high · 7.5 (CVSS 3.0)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 69.28% (99.3th percentile)
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.

Affected

13 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | | |
| microsoft | internet_explorer | | |
| microsoft | internet_explorer | | |
| microsoft_corporation | microsoft_scripting_engine | | |
| msrc | microsoft_edge_on_windows_10_for_32-bit_systems | | |
| msrc | microsoft_edge_on_windows_10_for_x64-based_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1511_for_32-bit_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1511_for_x64-based_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1607_for_32-bit_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1607_for_x64-based_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1703_for_32-bit_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1703_for_x64-based_systems | | |
| msrc | microsoft_edge_on_windows_server_2016 | | |

Detection & IOCs (extracted from sources)

command: `function f() { ({a = () => { let arguments; }} = 1); arguments.x; } f();`
  • The vulnerability is triggered via a specially crafted website, or an ActiveX control embedded in an Office document, that targets the Chakra JavaScript engine in Microsoft Edge. Monitor for Edge processes spawning unexpected child processes or accessing sensitive memory regions after visiting untrusted sites.
  • The root cause is misuse of the `PNodeFlags::fpnArguments_overriddenByDecl` flag in Chakra's parser when `buildAST` is false, which leaves the `arguments` object uninitialized. Detection should focus on JavaScript patterns that combine destructuring assignment with `let arguments` inside arrow functions, followed by `arguments` property access.
  • The parser bug occurs in `Parser::ParseVariableDeclaration`, where `m_currentNodeFunc` is used regardless of the `buildAST` flag, potentially corrupting the wrong function's `grfpn` flag. Look for Chakra engine crashes or memory corruption telemetry in Microsoft Edge (Windows 10 1703).
  • CVE-2017-8640 affects Microsoft Edge on Windows 10 1703 only (older software release listed as N/A). Exploitation is rated 'More Likely' for the latest software release at time of disclosure, but it was not observed exploited in the wild at time of publication.
  • The PoC (Exploit-DB 42476) is titled 'Uninitialized Arguments (1)', suggesting there may be additional variants of this class of vulnerability in the Chakra engine.

CVSS provenance

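| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.6 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C |
| vendor_msrc | | 4.2 | MEDIUM | |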