by vicarius
log in join community
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

by @the0z1
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

CVEs

CVE-2024-21413
9.8 Critical Severity

Apps

Office
OfficeMicrosoft
16.0.18526.20736.*
16.0.20107.20000.*
16.0.20026.20038.*
16.0.20106.20000.*
16.0.10417.20132.*
16.0.17932.20776.*
16.0.20105.20000.*
16.0.20103.20002.*
16.0.14334.20670.*
16.0.19929.20136.*
OLT
Office Long Term Servicing ChannelMicrosoft
2024.*
2021.*
365 Apps
365 AppsMicrosoft
16.0.19127.20314.*
2401.17231.20236.*
116.0.17231.20194.*
16.0.17425.20070.*
16.0.17328.20184.*
16.0.17328.20162.*
16.0.17328.20068.*
16.0.17231.20236.*
16.0.17231.20194.*
16.0.17126.20132.*

PoC video

Summary

A vulnerability has been discovered in Microsoft Outlook known as "MonikerLink," which allows an attacker to obtain NTLM hashes and execute arbitrary remote code on a victim machine by exploiting some specially crafted hyperlinks within an email to bypass the protected view of Outlook.

Description

Tags

#Office#NTLM#CVE-2024-21413#Outlook#remote-code-execution

@the0z1

2 posts

Total vcoins

0

Comments (0)