Cyber Resilience

CVE-2020-0968

HighCISA KEVActive ExploitationEUVD Exploited

Published: 15 April 2020

Published
15 April 2020
Modified
29 October 2025
KEV Added
03 November 2021
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.4367 97.6th percentile
Risk Priority 61 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2020-0968 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Microsoft Windows 10 1709. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 2.4% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-18 (Mobile Code) and SI-2 (Flaw Remediation).

Deeper analysis

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, tracked as CVE-2020-0968 and also known as the Scripting Engine Memory Corruption Vulnerability. It is distinct from CVE-2020-0970 and is associated with CWE-787. The issue received a CVSS 3.1 score of 7.5, reflecting network attack vector, high attack complexity, no required privileges, and required user interaction.

An attacker can exploit the flaw over the network by supplying specially crafted content that triggers memory corruption when processed by the scripting engine in Internet Explorer. Successful exploitation grants the ability to execute arbitrary code with the privileges of the current user, potentially leading to full confidentiality, integrity, and availability impacts on the affected system.

Microsoft security advisories at the referenced MSRC portal provide official guidance and patches for the vulnerability. The CISA Known Exploited Vulnerabilities catalog entry confirms that the issue has been observed in active exploitation, underscoring the need for prompt application of available updates.

EU & UK References

Vulnerability details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0970.

CWE(s)
KEV Date Added
03 November 2021

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

microsoft
internet explorer
11, 9

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely application of vendor patches to remediate the known scripting-engine memory-corruption flaw before exploitation succeeds.

prevent

Restricts or sandbox-executes mobile code (scripts) processed by Internet Explorer, blocking the specially crafted content that triggers the RCE.

prevent

Enforces least functionality by disabling or limiting scripting features and unnecessary IE components that the attacker relies on to reach the vulnerable engine.

References