cbcvebase.
CVE-2018-8114
published 2018-05-09

CVE-2018-8114: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory…

PriorityP273high7.5CVSS 3.0
AVNACHPRNUIRSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
14.44%
96.2th percentile
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.

Affected

25 ranges
VendorProductVersion rangeFixed in
microsoftchakracore<= 1.8.3
microsoftchakracore
microsoftinternet_explorer
microsoftinternet_explorer
microsoftinternet_explorer
microsoftmicrosoft_edge
microsoftmicrosoft_edge
msrcinternet_explorer_11_on_windows_10_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1607_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1607_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1703_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1703_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1709_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1709_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1803_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1803_for_x64-based_systems
msrcinternet_explorer_11_on_windows_7_for_32-bit_systems_service_pack_1
msrcinternet_explorer_11_on_windows_7_for_x64-based_systems_service_pack_1
msrcinternet_explorer_11_on_windows_8.1_for_32-bit_systems
msrcinternet_explorer_11_on_windows_8.1_for_x64-based_systems
msrcinternet_explorer_11_on_windows_rt_8.1
msrcinternet_explorer_11_on_windows_server_2008_r2_for_x64-based_systems_service_pac
msrcinternet_explorer_11_on_windows_server_2012_r2
msrcinternet_explorer_11_on_windows_server_2016

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability is in the Internet Explorer scripting engine's handling of objects in memory; monitor for IE processes spawning unexpected child processes or executing arbitrary code, which may indicate exploitation of this memory corruption flaw.
  • Watch for ActiveX controls marked 'safe for initialization' being embedded in Office documents or applications hosting the IE rendering engine as a delivery vector for exploitation.
  • Microsoft assesses exploitation as 'More Likely' for both latest and older software releases; prioritize detection and patching on systems running Internet Explorer.
  • ·No public exploit or active in-the-wild exploitation confirmed at time of advisory publication.
  • ·The affected component is the Microsoft Scripting Engine within Internet Explorer; the fix modifies how the scripting engine handles objects in memory.

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
ghsa7.5HIGH
osv7.5HIGH
vulncheck7.5HIGH
vendor_msrc7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.