Cyber Resilience

CVE-2019-0752

High · CISA KEV · Active Exploitation · EUVD Exploited · Public PoC · Ransomware-linked

Published: 09 April 2019

Modified: 29 October 2025
KEV Added: 15 February 2022
Patch
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.9148 (99.7th percentile)
Risk Priority: 90 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2019-0752 is a high-severity Type Confusion (CWE-843) vulnerability in Microsoft Windows 10 1709. Its CVSS base score is 7.5 (High).

Operationally, it is ranked in the top 0.3% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-18 (Mobile Code) and SI-2 (Flaw Remediation).

Deeper analysis

A remote code execution vulnerability tracked as CVE-2019-0752 exists in the scripting engine of Internet Explorer due to improper handling of objects in memory, resulting in memory corruption. The issue is classified under CWE-843 and carries a CVSS 3.1 score of 7.5, reflecting a network attack vector, high attack complexity, no required privileges, and required user interaction.

An unauthenticated remote attacker can trigger the flaw by causing a victim to visit a malicious web page in Internet Explorer, achieving arbitrary code execution that impacts confidentiality, integrity, and availability on the affected system. The vulnerability is distinct from several related scripting engine issues disclosed around the same time.

Microsoft has published guidance for CVE-2019-0752 through its security advisory portal, and additional technical details are available from the Zero Day Initiative. Public exploit code referencing affected builds such as Windows 10 1809 version 17763.316 has also been posted to Packet Storm.

EU & UK References

Vulnerability details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.

CWE(s): CWE-843
KEV Date Added: 15 February 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

microsoft · internet explorer · 10, 11

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely application of the vendor patch that eliminates the memory-corruption flaw in the IE scripting engine.

prevent

Restricts or disables mobile code (scripts) executed by Internet Explorer, blocking the attack vector that triggers the RCE.

prevent · detect

Deploys malicious-code detection mechanisms that can identify and block web pages exploiting the scripting-engine vulnerability.

References