CVE-2017-0222
Published: 12 May 2017
Summary
CVE-2017-0222 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Microsoft Internet Explorer. Its CVSS base score is 8.8 (High).
Operationally, it ranks in the top 1.5% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
A remote code execution vulnerability exists in Internet Explorer when the browser improperly accesses objects in memory, resulting in memory corruption. The issue is tracked as CVE-2017-0222, is distinct from CVE-2017-0226, and is associated with CWE-787. It received a CVSS 3.1 base score of 8.8, reflecting a network attack vector, low attack complexity, no required privileges, required user interaction, and high impact on confidentiality, integrity, and availability.
An unauthenticated remote attacker can exploit the flaw by serving specially crafted web content that triggers the memory corruption when rendered in Internet Explorer. Successful exploitation allows the attacker to execute arbitrary code in the context of the current user, potentially leading to full compromise of the affected system. The Microsoft Security Response Center advisory at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222 and related vendor bulletins provide official guidance on available updates.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2017-0588
Vulnerability details
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0226.
- CWE(s)
- KEV Date Added: 25 February 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
Directly requires timely installation of the vendor patches that eliminate the memory-corruption flaw in Internet Explorer.
Implements memory-protection mechanisms that block the out-of-bounds write (CWE-787) exploited for RCE.
Restricts execution of mobile code delivered via web content, limiting the attack vector that triggers the IE flaw.