Exploit developer Yushi Liang announced in a tweet that he discovered a zero-day remote code execution vulnerability in the Microsoft Edge web browser, with a Proof of Concept (PoC) already available and an exploit in the works.
The zero-day Edge RCE vulnerability discovered by Liang could allow for arbitrary code execution once exploited by a potential attacker which, depending on the privilege level of the logged in account, could install programs on the compromised machine, create admin accounts, as well as exfiltrate and modify data.
Liang demonstrated the Proof of Concept on Twitter with the help of a screenshot displaying a Calculator window spawned from a Microsoft Edge instance.
Furthermore, Liang also created a video demonstrating the results of the RCE vulnerability with the Microsoft Edge web browser launching a Mozilla Firefox instance which in turn would open the Google Chrome download page.
The zero-day security issue was found using Sensepost's Wadi Fuzzer while teaming with Alexander Kochkov, a Russian exploit developer.
A Microsoft Edge RCE exploit with a sandbox escape is worth $100,000
According to Liang, the goal of their development effort is to create an exploit capable of escaping the sandbox, which will drastically increase its value on the exploits market.
More precisely, to have an idea of the price tag for a successful exploit for this type of security issue, a Microsoft Edge remote code execution exploit is worth to Zerodium $50,000 and $100,000 if it comes with an attached sandbox escape.
Lian also explained in a tweet the reason behind the delayed availability of the exploit saying that during the exploit's development he "just lost half my exploit code due a crash bug in the text editor, can't restore any backups and I forgot to save during development."
To make sure that this vulnerability does as little damage as possible, Microsoft Edge users should make sure that they are logged in to accounts without administrator privileges and to always be careful what links they open in the web browser.