Miggo Logo

CVE-2019-0812: ChakraCore RCE Vulnerability

7.5

CVSS Score
3.0

Basic Information

EPSS Score
0.97432%
Published
5/13/2022
Updated
9/28/2023
KEV Status
No
Technology
TechnologyC#

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
Microsoft.ChakraCorenuget< 1.11.81.11.8

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability (CWE-787) stems from missing type validation in property handling logic. The patches in both files add a 'type == typeToEnumerate' check to prevent type confusion. The absence of this check in the original code allowed attackers to manipulate object types and trigger out-of-bounds writes. The functions modifying property descriptors in these files are directly responsible for the unsafe memory operations, as shown by the critical addition of the type validation in the patches.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* r*mot* *o** *x**ution vuln*r**ility *xists in t** w*y t**t t** ***kr* s*riptin* *n*in* **n*l*s o*j**ts in m*mory in Mi*roso*t ****, *k* '***kr* S*riptin* *n*in* M*mory *orruption Vuln*r**ility'. T*is *V* I* is uniqu* *rom *V*-****-****, *V*-****-**

Reasoning

T** vuln*r**ility (*W*-***) st*ms *rom missin* typ* v*li**tion in prop*rty **n*lin* lo*i*. T** p*t***s in *ot* *il*s *** * 'typ* == typ*To*num*r*t*' ****k to pr*v*nt typ* *on*usion. T** **s*n** o* t*is ****k in t** ori*in*l *o** *llow** *tt**k*rs to