Is CVE-2019-0768 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Internet Explorer 11

CVE-2019-0768

A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer S…

EPSS: 0.850 (99.4th percentile) — read the EPSS interpretation.

Affected products

Microsoft Internet Explorer 11 — versions Windows 10 Version 1709 for 32-bit Systems, Windows 10 Version 1709 for x64-based Systems, Windows 10 Version 1803 for 32-bit Systems

Public proof-of-concept exploits

ruthlezs/ie11_vbscript_exploit
0xT11/CVE-POC
ZwCreatePhoton/CVE-2019-1221
developer3000S/PoC-in-GitHub
edxsh/CVE-2019-1221
hectorgie/PoC-in-GitHub
nomi-sec/PoC-in-GitHub
punishell/WindowsLegacyCVE
ruthlezs/ie11_

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0768 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2019-0768?: CVE-2019-0768 is a vulnerability in Microsoft Internet Explorer 11. Published 2019-04-09.
Is CVE-2019-0768 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.