PatchSiren

PatchSiren cyber security CVE debrief

CVE-2013-1347 Microsoft CVE debrief

CVE-2013-1347 is a Microsoft Internet Explorer remote code execution vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. For defenders, the key point is not the underlying exploit technique, but that this issue has been treated as actively exploited and should be remediated using vendor guidance.

Vendor
Microsoft
Product
Internet Explorer
CVSS
Unknown
CISA KEV
Listed
Original CVE published
2022-03-03
Original CVE updated
2022-03-03
Advisory published
2022-03-03
Advisory updated
2022-03-03

Who should care

Security teams, Windows administrators, and asset owners responsible for Microsoft Internet Explorer deployments should care, especially in environments that still support or depend on IE for legacy workflows.

Technical summary

The official records identify this issue as a Microsoft Internet Explorer remote code execution vulnerability. CISA’s KEV catalog marks it as known exploited and directs organizations to apply updates per vendor instructions.

Defensive priority

High. CISA includes this CVE in the Known Exploited Vulnerabilities catalog, so remediation should be prioritized according to your vulnerability management process and the KEV due date.

Recommended defensive actions

  • Apply updates per vendor instructions.
  • Verify that Microsoft Internet Explorer systems are remediated across the environment.
  • Use the KEV due date (2022-03-24) as a remediation deadline reference for any still-exposed assets.

Evidence notes

CISA’s KEV entry identifies CVE-2013-1347 as a Microsoft Internet Explorer remote code execution vulnerability, marks it as known exploited, and instructs organizations to apply updates per vendor instructions. The linked NVD and CVE records provide the official vulnerability references.

Official resources

Public debrief based on official CVE, NVD, and CISA KEV records only. No exploit details or reproduction guidance included.