CVE-2020-0848 – This is a remote code execution vulnerability i... (How to Fix)

Q: What is the severity of CVE-2020-0848?

CVE-2020-0848 has a CVSS score of 7.5 (HIGH). This is a remote code execution vulnerability in ChakraCore, Microsoft's JavaScript engine used in Edge browser. Attackers can exploit memory corruption to execute arbitrary code on affected systems. Users running vulnerable versions of Microsoft Edge are primarily affected.

📋 TL;DR

This is a remote code execution vulnerability in ChakraCore, Microsoft's JavaScript engine used in Edge browser. Attackers can exploit memory corruption to execute arbitrary code on affected systems. Users running vulnerable versions of Microsoft Edge are primarily affected.

💻 Affected Systems

Products:

Microsoft Edge
ChakraCore

Versions: Microsoft Edge (EdgeHTML-based) versions prior to the March 2020 security update

Operating Systems: Windows 10, Windows Server 2016, Windows Server 2019

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects EdgeHTML-based Microsoft Edge, not the newer Chromium-based Edge. ChakraCore is the JavaScript engine used in these versions.

📦 What is this software?

Chakracore by Microsoft

View all CVEs affecting Chakracore →

Edge by Microsoft

View all CVEs affecting Edge →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attackers to install programs, view/change/delete data, or create new accounts with full user rights.

🟠

Likely Case

Browser compromise leading to data theft, malware installation, or system takeover when users visit malicious websites.

🟢

If Mitigated

Limited impact with proper browser sandboxing and security controls in place, potentially containing exploitation to browser process.

🌐 Internet-Facing: HIGH - Exploitable via malicious web content without user interaction beyond visiting a compromised site.

🏢 Internal Only: MEDIUM - Requires user to visit malicious content, which could be delivered via internal phishing or compromised internal sites.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Memory corruption vulnerabilities in scripting engines are frequently exploited in the wild, though no specific weaponization of this CVE has been confirmed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: March 2020 security updates for Windows 10 and Windows Server

Vendor Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0848

Restart Required: Yes

Instructions:

1. Apply Windows Update for March 2020 security patches. 2. Ensure Microsoft Edge is updated through Windows Update. 3. Restart system to complete installation.

🔧 Temporary Workarounds

Disable JavaScript

windows

Disable JavaScript in Microsoft Edge to prevent exploitation, though this breaks most web functionality.

Switch to Chromium-based Edge

windows

Migrate to the newer Chromium-based Microsoft Edge which is not affected by this vulnerability.

🧯 If You Can't Patch

Implement application whitelisting to prevent unauthorized code execution
Use network segmentation to isolate vulnerable systems and restrict browser access to untrusted content

🔍 How to Verify

Check if Vulnerable:

Check Microsoft Edge version: Open Edge → Settings → About Microsoft Edge. If version is before the March 2020 update, system is vulnerable.

Check Version:

In Edge browser address bar, type: edge://settings/help

Verify Fix Applied:

Verify Windows Update history shows March 2020 security updates installed and Edge version is updated.

📡 Detection & Monitoring

Log Indicators:

Unexpected Edge crashes
Suspicious process creation from Edge
Memory access violations in Edge process

Network Indicators:

Unusual outbound connections from Edge browser
Traffic to known malicious domains

SIEM Query:

Process Creation where (ParentImage contains "msedge.exe" OR Image contains "msedge.exe") AND CommandLine contains suspicious patterns

📊 Metadata

CVE ID: CVE-2020-0848

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: March 12, 2020

Last Updated: November 21, 2024

🔗 References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0848 Patch,Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0848 Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-0848, you might also want to check these: