7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2018-0818

GHSA ID

GHSA-fv8m-p45w-gf38

EPSS Score

0.94311%

CWE

Published

5/13/2022

Updated

10/6/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2018-0818

CVE-2018-0818: ChakraCore RCE Vulnerability

Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine handles accessing memory, aka "Scripting Engine Security Feature Bypass".

(GitHub Advisory)

7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2018-0818

GHSA ID

GHSA-fv8m-p45w-gf38

EPSS Score

0.94311%

CWE

Published

5/13/2022

Updated

10/6/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
Microsoft.ChakraCore	nuget	< 1.8.0	1.8.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper handling of process context data during OOP JIT compilation. The commit diff shows critical changes in how ProcessContext (holding Chakra/CRT base addresses) is initialized and validated. The added ConnectProcess RPC in JITManager.cpp and modified ServerThreadContext constructor indicate that pre-patch versions lacked proper safeguards for these values, enabling attackers to supply malicious addresses and bypass CFG protections during memory access operations.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Mi*roso*t ***kr**or* *llows *n *tt**k*r to *yp*ss *ontrol *low *u*r* (***) in *onjun*tion wit* *not**r vuln*r**ility to run *r*itr*ry *o** on * t*r**t syst*m, *u* to *ow t** ***kr* s*riptin* *n*in* **n*l*s ****ssin* m*mory, *k* "S*riptin* *n*in* S**u

Reasoning

T** vuln*r**ility st*ms *rom improp*r **n*lin* o* `pro**ss` *ont*xt **t* *urin* OOP JIT *ompil*tion. T** *ommit *i** s*ows *riti**l ***n**s in *ow `Pro**ss*ont*xt` (*ol*in* ***kr*/*RT **s* ***r*ss*s) is initi*liz** *n* v*li**t**. T** ***** `*onn**tPr

7.5

Basic Information

Concerned about an active attack path?

CVE-2018-0818: ChakraCore RCE Vulnerability

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI