ChakraCore Vulnerability: Control Flow Guard Bypass and Arbitrary Code Execution
CVE-2018-0818 · HIGH Severity
AV:N/AC:M/AU:S/C:C/I:C/A:C
Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine handles accessing memory, aka "Scripting Engine Security Feature Bypass".
Learn more about our Web Application Penetration Testing UK.