CVE CVE-2020-1569 Mappings

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email. The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-1569 Microsoft Edge (EdgeHTML-based) primary_impact T1574 Hijack Execution Flow
CVE-2020-1569 Microsoft Edge (EdgeHTML-based) primary_impact T1499.004 Application or System Exploitation
CVE-2020-1569 Microsoft Edge (EdgeHTML-based) secondary_impact T1005 Data from Local System
CVE-2020-1569 Microsoft Edge (EdgeHTML-based) secondary_impact T1565 Data Manipulation
CVE-2020-1569 Microsoft Edge (EdgeHTML-based) secondary_impact T1485 Data Destruction
CVE-2020-1569 Microsoft Edge (EdgeHTML-based) secondary_impact T1136 Create Account
CVE-2020-1569 Microsoft Edge (EdgeHTML-based) exploitation_technique T1204.002 Malicious File
CVE-2020-1569 Microsoft Edge (EdgeHTML-based) exploitation_technique T1566 Phishing