by vicarius
log in join community
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

by @the0z1
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

CVEs

CVE-2024-21413
9.8 Critical Severity

Apps

Office
OfficeMicrosoft
16.0.19929.20000.*
16.0.19926.20000.*
16.0.19925.20000.*
16.0.19924.20000.*
16.0.19923.20000.*
16.0.19922.20000.*
16.0.19822.20114.*
16.0.19921.20000.*
16.0.19919.20000.*
16.0.19822.20104.*
OLT
Office Long Term Servicing ChannelMicrosoft
2024.*
2021.*
365 Apps
365 AppsMicrosoft
16.0.19127.20314.*
2401.17231.20236.*
116.0.17231.20194.*
16.0.17425.20070.*
16.0.17328.20184.*
16.0.17328.20162.*
16.0.17328.20068.*
16.0.17231.20236.*
16.0.17231.20194.*
16.0.17126.20132.*

PoC video

Summary

A vulnerability has been discovered in Microsoft Outlook known as "MonikerLink," which allows an attacker to obtain NTLM hashes and execute arbitrary remote code on a victim machine by exploiting some specially crafted hyperlinks within an email to bypass the protected view of Outlook.

Description

Tags

#Office#NTLM#CVE-2024-21413#Outlook#remote-code-execution

@the0z1

2 posts

Total vcoins

0

Comments (0)