cbcvebase.
CVE-2018-0838
published 2018-02-15

CVE-2018-0838: Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the…

PriorityP268high7.5CVSS 3.0
AVNACHPRNUIRSUCHIHAH
EXPLOIT
EPSS
65.86%
99.2th percentile
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

Affected

16 ranges
VendorProductVersion rangeFixed in
microsoftinternet_explorer
microsoftinternet_explorer
microsoftinternet_explorer
microsoft_corporationinternet_explorer
msrcchakracore
msrcmicrosoft_edge_on_windows_10_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_for_x64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1511_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1511_for_x64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1607_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1607_for_x64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1703_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1703_for_x64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1709_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1709_for_x64-based_systems
msrcmicrosoft_edge_on_windows_server_2016

Detection & IOCsextracted from sources · hover to see the quote

  • Fortinet released a dedicated IPS signature to detect exploitation of CVE-2018-0838
  • The vulnerability is triggered in chakra.dll; monitor for type confusion in NewScObjectNoCtor when JavascriptNativeFloatArray is converted to JavascriptArray without validation in JIT-compiled code
  • The vulnerable component is chakra.dll; analysis was performed against version 11.00.14393.447 — use this version as a baseline for patch-gap detection
  • The bug is exploitable via a malicious web page browsed through Microsoft Edge; monitor Edge renderer processes for anomalous memory access patterns following JIT compilation
  • ·The PoC used in the Fortinet analysis is based on Google Security Research Team published information; no in-the-wild exploit samples or hashes specific to CVE-2018-0838 are provided in the sources
  • ·The assembly-level analysis targets a specific chakra.dll build (11.00.14393.447); detection logic tied to this version may not apply to patched or other builds

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
ghsa7.5HIGH
osv7.5HIGH
vendor_msrc4.2MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.