Think you have a false positive on this rule?

Sid 1-46929

Message

BROWSER-IE Microsoft Edge type confusion memory corruption attempt

Summary

This event is generated when a type confusion vulnerability is attempting to exploit Microsoft Edge

Impact

Attempted User Privilege Gain

CVE-2018-8111:

CVSS base score 7.5

CVSS impact score 5.9

CVSS exploitability score 1.6

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Detailed information

A Type Confusion vulnerability has been found in Microsoft Edge. Successful exploitation of this vulnerability can achieve Remote Code Execution. CVE-2018-8111: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8236.

Affected systems

  • microsoft edge -

Ease of attack

Simple

False positives

N/A

False negatives

N/A

Corrective action

Install the latest upgrade for Microsoft Edge

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8111