cbcvebase.
CVE-2018-8122
published 2018-05-09

CVE-2018-8122: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory…

PriorityP273high7.5CVSS 3.0
AVNACHPRNUIRSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
14.44%
96.2th percentile
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.

Affected

25 ranges
VendorProductVersion rangeFixed in
microsoftchakracore<= 1.8.3
microsoftchakracore
microsoftinternet_explorer
microsoftinternet_explorer
microsoftinternet_explorer
microsoftmicrosoft_edge
microsoftmicrosoft_edge
msrcinternet_explorer_11_on_windows_10_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1607_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1607_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1703_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1703_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1709_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1709_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1803_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1803_for_x64-based_systems
msrcinternet_explorer_11_on_windows_7_for_32-bit_systems_service_pack_1
msrcinternet_explorer_11_on_windows_7_for_x64-based_systems_service_pack_1
msrcinternet_explorer_11_on_windows_8.1_for_32-bit_systems
msrcinternet_explorer_11_on_windows_8.1_for_x64-based_systems
msrcinternet_explorer_11_on_windows_rt_8.1
msrcinternet_explorer_11_on_windows_server_2008_r2_for_x64-based_systems_service_pac
msrcinternet_explorer_11_on_windows_server_2012_r2
msrcinternet_explorer_11_on_windows_server_2016

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability is in the Internet Explorer scripting engine's handling of objects in memory — monitor for IE process spawning unexpected child processes or executing arbitrary code in the context of the current user.
  • Watch for ActiveX controls marked 'safe for initialization' being embedded in Office documents or applications hosting the IE rendering engine as an attack delivery vector.
  • Monitor for exploitation attempts via compromised or attacker-controlled websites serving specially crafted content through Internet Explorer (web-based attack scenario).
  • ·Exploit Status is rated 'Exploitation More Likely' for both latest and older software releases, but no public exploit or active in-the-wild exploitation was confirmed at time of advisory publication.
  • ·CVE-2018-8122 is one of multiple scripting engine memory corruption CVEs patched in the same update cycle — ensure deduplication when correlating with related CVEs (CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139).

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
ghsa7.5HIGH
osv7.5HIGH
vulncheck7.5HIGH
vendor_msrc7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.