Rule Category

BROWSER-IE -- Snort has detected traffic known to exploit vulnerabilities present in the Internet Explorer browser, or products that have the Trident or Tasman engines.

Alert Message

BROWSER-IE Microsoft Edge memory corruption attempt

Rule Explanation

This rule alerts when an attempt to exploit a JavaScript based vulnerability occurs. These attacks are commonly used to exploit a victims browser, and may lead to remote code being executed on a victim machine.

What To Look For

This alert occurs when an attacker attempts to exploit CVE-2020-0824.

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

Additional Links

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2020-0824
Loading description

MITRE ATT&CK Framework

Tactic: Execution

Technique: AppleScript

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org