CVE-2020-0713 – This vulnerability allows remote attackers to e... (How to Fix)

Q: What is the severity of CVE-2020-0713?

CVE-2020-0713 has a CVSS score of 7.5 (HIGH). This vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiting memory corruption in the ChakraCore scripting engine. Attackers could gain control of the system through specially crafted web content. This primarily affects systems running Microsoft Edge browser with ChakraCore.

📋 TL;DR

This vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiting memory corruption in the ChakraCore scripting engine. Attackers could gain control of the system through specially crafted web content. This primarily affects systems running Microsoft Edge browser with ChakraCore.

💻 Affected Systems

Products:

Microsoft Edge
ChakraCore

Versions: Microsoft Edge (EdgeHTML-based) versions prior to the February 2020 security update

Operating Systems: Windows 10, Windows Server 2016, Windows Server 2019

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects the legacy EdgeHTML-based Microsoft Edge browser, not the newer Chromium-based Edge. ChakraCore is the JavaScript engine used in this browser.

📦 What is this software?

Chakracore by Microsoft

View all CVEs affecting Chakracore →

Edge by Microsoft

View all CVEs affecting Edge →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attackers to install programs, view/change/delete data, or create new accounts with full user rights.

🟠

Likely Case

Attackers execute malicious code in the context of the current user, potentially leading to data theft, ransomware deployment, or lateral movement within the network.

🟢

If Mitigated

With proper security controls like application whitelisting and least privilege, impact is limited to the compromised user context without system-wide access.

🌐 Internet-Facing: HIGH - Exploitable through web browsing, making internet-facing systems with vulnerable browsers at significant risk.

🏢 Internal Only: MEDIUM - Internal systems with vulnerable browsers could be exploited through malicious internal web content or phishing campaigns.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires user interaction (visiting a malicious website) but no authentication. Memory corruption vulnerabilities in scripting engines are commonly exploited in the wild.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: February 2020 security update for Microsoft Edge

Vendor Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713

Restart Required: Yes

Instructions:

1. Apply the February 2020 security update for Microsoft Edge through Windows Update. 2. Alternatively, upgrade to Chromium-based Microsoft Edge which is not affected.

🔧 Temporary Workarounds

Disable JavaScript

windows

Disable JavaScript in Microsoft Edge to prevent exploitation through web content

Use alternative browser

windows

Switch to Chromium-based Microsoft Edge or another modern browser

🧯 If You Can't Patch

Implement application whitelisting to prevent unauthorized code execution
Configure Microsoft Edge to run in Enhanced Security Configuration mode

🔍 How to Verify

Check if Vulnerable:

Check Microsoft Edge version in Settings > About Microsoft Edge. If version is prior to the February 2020 update, system is vulnerable.

Check Version:

msedge --version

Verify Fix Applied:

Verify Windows Update history shows the February 2020 security update for Microsoft Edge is installed.

📡 Detection & Monitoring

Log Indicators:

Unusual process creation from Microsoft Edge
Memory access violations in Edge processes
Suspicious PowerShell or command execution from browser context

Network Indicators:

Outbound connections to known malicious domains from Edge processes
Unusual HTTP requests to exploit hosting sites

SIEM Query:

Process Creation where ParentImage contains 'msedge.exe' and (CommandLine contains 'powershell' or CommandLine contains 'cmd')

📊 Metadata

CVE ID: CVE-2020-0713

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: February 11, 2020

Last Updated: November 21, 2024

🔗 References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713 Patch,Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713 Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-0713, you might also want to check these: