Is CVE-2018-0934 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Corporation Chakracore, Edge

CVE-2018-0934

ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulner…

EPSS: 0.853 (99.4th percentile) — read the EPSS interpretation.

Affected products

Microsoft Corporation Chakracore, Edge — versions ChakraCore, Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.

Public proof-of-concept exploits

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0934 (x_refsource_CONFIRM)
44397 (exploit, x_refsource_EXPLOIT-DB)
44396 (exploit, x_refsource_EXPLOIT-DB)
1040507 (vdb-entry, x_refsource_SECTRACK)
103275 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2018-0934?: CVE-2018-0934 is a vulnerability in Microsoft Corporation Chakracore, Edge. Published 2018-03-14.
Is CVE-2018-0934 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.