CVE-2020-17131

Description

Chakra Scripting Engine Memory Corruption Vulnerability

Risk Information

Base Score

4.3

MODERATE

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

EPSS Score

Exploitation Probability

1.166

Associated Vulnerability

Vulnerability	OS Platform
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 1903 for x64-based Systems (KB4592449)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 1903 for x86-based Systems (KB4592449)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows Server, version 1903 for x64-based Systems (KB4592449)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 1909 for x86-based Systems (KB4592449)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows Server, version 1909 for x64-based Systems (KB4592449)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 1909 for x64-based Systems (KB4592449)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 2004 for x86-based Systems (KB4592438)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows Server, version 2004 for x64-based Systems (KB4592438)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 2004 for x64-based Systems (KB4592438)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 20H2 for x86-based Systems (KB4592438)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 20H2 for x64-based Systems (KB4592438)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows Server 2019 for x64-based Systems (KB4592440)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB4592440)	Windows
Windows Backup Engine Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB4592440)	Windows
Vulnerabilities CVE-2020-17131 are fixed in Nuget - Microsoft.ChakraCore 1.11.24	Windows
Vulnerabilities CVE-2020-17131 are fixed in Nuget - Microsoft.ChakraCore for Linux 1.11.24	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-30454	2020-12 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4592449)
PATCH-30455	2020-12 Cumulative Update for Windows 10 Version 1903 for x86-based Systems (KB4592449)
PATCH-30456	2020-12 Cumulative Update for Windows Server, version 1903 for x64-based Systems (KB4592449)
PATCH-30457	2020-12 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB4592449)
PATCH-30458	2020-12 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB4592449)
PATCH-30459	2020-12 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4592449)
PATCH-30446	2020-12 Cumulative Update for Windows 10 Version 2004 for x86-based Systems (KB4592438)
PATCH-30447	2020-12 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4592438)
PATCH-30448	2020-12 Cumulative Update for Windows 10 Version 2004 for x64-based Systems (KB4592438)
PATCH-30449	2020-12 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB4592438)
PATCH-30450	2020-12 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB4592438)
PATCH-30451	2020-12 Cumulative Update for Windows Server 2019 for x64-based Systems (KB4592440)
PATCH-30452	2020-12 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB4592440)
PATCH-30453	2020-12 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4592440)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234