CVE-2017-8645
published 2017-08-08

Priority: P269 (high)
CVSS 3.0: 7.5 (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
EXPLOIT
EPSS: 69.28% (99.3th percentile)

Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.

Affected

11 ranges

Vendor | Product | Version range | Fixed in
microsoft | internet_explorer | |
microsoft | internet_explorer | |
microsoft | internet_explorer | |
microsoft_corporation | microsoft_scripting_engine | |
msrc | microsoft_edge_on_windows_10_version_1511_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1511_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1607_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1607_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_server_2016 | |

Detection & IOCs (extracted from sources)

  • Vulnerability is triggered via a specially crafted website or embedded ActiveX control; monitor for Microsoft Edge / Microsoft browser JavaScript engine crashes or memory corruption events related to scripting engine object handling in memory.
  • The PoC exploit abuses the Chakra engine's `InterpreterStackFrame::ProcessLinkFailedAsmJsModule` path by defining a class with a constructor using 'use asm' and a nested function, causing incorrect re-parsing. Detect JavaScript containing class constructors with embedded 'use asm' directives and inner function definitions that return a function reference.
  • The root cause is that `pCurrentFunction` (the constructor) and `pnode` (the method `f`) are mismatched during re-parsing of a failed asm.js module inside a class constructor, leading to an assertion/memory corruption. Look for Chakra engine assertion failures or crashes in `InterpreterStackFrame::ProcessLinkFailedAsmJsModule`.
  • CVE-2017-8645 affects Microsoft Edge scripting engine (Chakra); the exploit status at time of patching was 'Exploitation More Likely' for the latest software release, with no known in-the-wild exploitation reported.
  • Patches are available via KB4034674, KB4034660, and KB4034658; ensure these are applied to eliminate the vulnerable code path.

CVSS provenance

nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.6 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_msrc | | 4.2 | MEDIUM |