Cyber Resilience

CVE-2017-0222

Severity: High | CISA KEV | Active Exploitation | EUVD Exploited

Published: 12 May 2017
Modified: 22 April 2026
KEV Added: 25 February 2022
Patch: see vendor advisory
CVSS Score: v3.1 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.6530 (98.5th percentile)
Risk Priority: 77 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2017-0222 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Microsoft Internet Explorer. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 1.5% of all CVEs by EPSS exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

A remote code execution vulnerability exists in Internet Explorer when the browser improperly accesses objects in memory, resulting in memory corruption. The issue is tracked as CVE-2017-0222, is distinct from CVE-2017-0226, and is associated with CWE-787. It received a CVSS 3.1 base score of 8.8 reflecting network attack vector, low attack complexity, no required privileges, required user interaction, and high impact on confidentiality, integrity, and availability.

An unauthenticated remote attacker can exploit the flaw by serving specially crafted web content (a malicious or compromised site, or an embedded frame or advertisement) that triggers the memory corruption when Internet Explorer renders it; the only user interaction required is visiting the page. Successful exploitation allows the attacker to execute arbitrary code with the privileges of the logged-on user, and where that user has administrative rights this amounts to full control of the host. The Microsoft Security Response Center advisory at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222 and related vendor bulletins provide official guidance on available updates.

EU & UK References

Vulnerability details

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0226.

CWE(s): CWE-787 (Out-of-bounds Write)
KEV Date Added: 25 February 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Microsoft Internet Explorer, versions 9 and 11

Mitigating Controls (NIST 800-53 r5) [AI]

SI-2 Flaw Remediation
prevent

Directly requires timely installation of the vendor patches that eliminate the memory-corruption flaw in Internet Explorer.

SI-16 Memory Protection
prevent

Implements memory-protection mechanisms (for example DEP and ASLR on the browser process) that make the out-of-bounds write (CWE-787) harder to turn into reliable code execution; these raise exploitation cost but do not remove the flaw, so they complement rather than replace SI-2.

SC-18 Mobile Code partial match
prevent

Restricts execution of mobile code delivered via web content (script and ActiveX in untrusted zones), limiting the attack vector that triggers the IE flaw. This is a compensating control for hosts that cannot yet be patched, not a substitute for the update.
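As an added, illustrative check for the SI-2 and SC-18 controls above (this is not code from the original page or from Microsoft): a PowerShell audit that reports whether a host runs one of the Internet Explorer versions listed under Affected Assets, whether any update has been installed since the 12 May 2017 advisory, and whether Active Scripting is disabled for the Internet zone, which is the registry-level form of the SC-18 restriction. The page lists no KB number, so the "updated since advisory" test is a coarse proxy and is marked as an assumption to be confirmed against the MSRC advisory. The registry paths and the meaning of zone value 1400 come from Internet Explorer's zone settings, not from this page; the function names are the example's own.

```powershell
# Added example, not part of the original page or of Microsoft's guidance.
# Audits one Windows host for the two controls mapped above:
#   SI-2  (Flaw Remediation): has anything been installed since the 12 May 2017 advisory?
#   SC-18 (Mobile Code): is Active Scripting blocked for the Internet zone?

$AdvisoryDate   = [datetime]'2017-05-12'   # publication date from this page
$AffectedMajors = @(9, 11)                 # versions listed under Affected Assets

function Get-IEVersion {
    # IE 10+ keeps its real version in svcVersion; 'Version' stays at 9.x
    $p = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Internet Explorer' -ErrorAction SilentlyContinue
    if ($null -eq $p) { return $null }
    if ($p.svcVersion) { return [version]$p.svcVersion }
    if ($p.Version)    { return [version]$p.Version }
    return $null
}

function Test-PatchCurrency {
    # ASSUMPTION: the page gives no KB number, so this only checks that some update
    # landed on or after the advisory date. A host with nothing newer cannot carry the
    # fix; a host with something newer still needs the specific IE cumulative update
    # confirmed against the MSRC advisory.
    $latest = Get-HotFix -ErrorAction SilentlyContinue |
        Where-Object { $_.InstalledOn } |
        Sort-Object -Property InstalledOn -Descending |
        Select-Object -First 1
    $id   = 'none'
    $when = $null
    if ($latest) { $id = $latest.HotFixID; $when = $latest.InstalledOn }
    [pscustomobject]@{
        LatestHotFix         = $id
        InstalledOn          = $when
        UpdatedSinceAdvisory = [bool]($latest -and $latest.InstalledOn -ge $AdvisoryDate)
    }
}

# Internet zone = Zones\3; value 1400 = "Active scripting": 0 enable, 1 prompt, 3 disable
$InternetZone = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

function Get-ActiveScriptingState {
    $v = (Get-ItemProperty -Path $InternetZone -ErrorAction SilentlyContinue).'1400'
    if ($null -eq $v) { return 'NotSet' }
    switch ([int]$v) { 0 { 'Enabled' } 1 { 'Prompt' } 3 { 'Disabled' } default { "Unknown($v)" } }
}

function Disable-ActiveScripting {
    # Per-user hardening for SC-18 (HKCU applies only to the user running this).
    # Fleet-wide, push the same value through Group Policy zone settings instead.
    Set-ItemProperty -Path $InternetZone -Name '1400' -Value 3 -Type DWord
}

function Get-Cve20170222Posture {
    $ie    = Get-IEVersion
    $patch = Test-PatchCurrency
    $ver   = 'not installed'
    if ($ie) { $ver = $ie.ToString() }
    [pscustomobject]@{
        ComputerName         = $env:COMPUTERNAME
        IEVersion            = $ver
        ListedAffectedBranch = [bool]($ie -and ($ie.Major -in $AffectedMajors))
        LatestHotFix         = $patch.LatestHotFix
        UpdatedSinceAdvisory = $patch.UpdatedSinceAdvisory
        ActiveScriptingZone3 = Get-ActiveScriptingState
    }
}

Get-Cve20170222Posture | Format-List

# Apply the SC-18 compensating control on an affected host that shows no update since the advisory:
# $p = Get-Cve20170222Posture
# if ($p.ListedAffectedBranch -and -not $p.UpdatedSinceAdvisory) { Disable-ActiveScripting }
```

Run it in an elevated session for accurate Get-HotFix output; treat UpdatedSinceAdvisory as a triage signal only, since the conclusive check is the presence of the cumulative update named in the MSRC advisory.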

References