CVE-2020-0674

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting...

Basic Information

CVE State: PUBLISHED
Reserved Date: November 04, 2019
Published Date: February 11, 2020
Last Updated: October 21, 2025
Vendor: Microsoft
Product: Internet Explorer 10, Internet Explorer 11, Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems, Internet Explorer 11 on Windows Server 2012, Internet Explorer 9
Description: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
Tags

7.5 - HIGH

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Source	Added Date
CISA	2021-11-03 00:00:00 UTC
CISA	2021-11-03 00:00:00 UTC

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

Type: github • Created: 2020-05-07 22:02:25 UTC • Stars: 224

This is an exploit for CVE-2020-0674 that runs on the x64 version of IE 8, 9, 10, and 11 on Windows 7.