by vicarius
log in join community
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

by @the0z1
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

CVEs

CVE-2024-21413
9.8 Critical Severity

Apps

Office
OfficeMicrosoft
16.0.19609.20004.*
16.0.19608.20000.*
16.0.19231.20274.*
16.0.17932.20620.*
16.0.19607.20002.*
16.0.14334.20440.*
16.0.10417.20080.*
16.0.18526.20672.*
16.0.19426.20186.*
16.0.19328.20266.*
OLT
Office Long Term Servicing ChannelMicrosoft
2024.*
2021.*
365 Apps
365 AppsMicrosoft
16.0.19127.20314.*
2401.17231.20236.*
116.0.17231.20194.*
16.0.17425.20070.*
16.0.17328.20184.*
16.0.17328.20162.*
16.0.17328.20068.*
16.0.17231.20236.*
16.0.17231.20194.*
16.0.17126.20132.*

PoC video

Summary

A vulnerability has been discovered in Microsoft Outlook known as "MonikerLink," which allows an attacker to obtain NTLM hashes and execute arbitrary remote code on a victim machine by exploiting some specially crafted hyperlinks within an email to bypass the protected view of Outlook.

Description

Tags

#Office#NTLM#CVE-2024-21413#Outlook#remote-code-execution

@the0z1

2 posts

Total vcoins

0

Comments (0)