Charka Core is vulnerable to Remote Code Execution. This is due to an improper type-check when the engine handles objects in memory. This allows an attacker to execute arbitrary codes with user permission. If the user has admin rights, the attacker can potentially take control of the system.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.11.9 | |
microsoft.chakracore.vc140 | le | 1.11.9 |