Lucene search

K
kasperskyKaspersky LabKLA11997
HistoryNov 10, 2020 - 12:00 a.m.

KLA11997 Multiple vulnerabilities in Microsoft Browser

2020-11-1000:00:00
Kaspersky Lab
threats.kaspersky.com
17

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.358 Low

EPSS

Percentile

97.0%

Detect date:

11/10/2020

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Affected products:

Internet Explorer 11
ChakraCore
Microsoft Edge (EdgeHTML-based)

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) and follow additional recommendations for CVE-2020-17052.

Original advisories:

CVE-2020-17053
CVE-2020-17052
CVE-2020-17058
CVE-2020-17048
CVE-2020-17054

Impacts:

ACE

Related products:

Microsoft Internet Explorer

CVE-IDS:

CVE-2020-170537.5Critical
CVE-2020-170527.5Critical
CVE-2020-170587.5Critical
CVE-2020-170484.2Warning
CVE-2020-170544.2Warning

KB list:

4586785
4586793
4586787
4586786
4586781
4586827
4586768
4586834
4586830
4586845

Microsoft official advisories:

References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.358 Low

EPSS

Percentile

97.0%