by vicarius
log in join community
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

by @the0z1
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

CVEs

CVE-2024-21413
9.8 Critical Severity

Apps

Office
OfficeMicrosoft
16.0.18526.20714.*
16.0.19811.20000.*
16.0.19810.20000.*
16.0.19426.20294.*
16.0.19809.20002.*
16.0.19127.20532.*
16.0.19628.20204.*
16.0.19530.20226.*
16.0.14334.20522.*
16.0.19808.20002.*
OLT
Office Long Term Servicing ChannelMicrosoft
2024.*
2021.*
365 Apps
365 AppsMicrosoft
16.0.19127.20314.*
2401.17231.20236.*
116.0.17231.20194.*
16.0.17425.20070.*
16.0.17328.20184.*
16.0.17328.20162.*
16.0.17328.20068.*
16.0.17231.20236.*
16.0.17231.20194.*
16.0.17126.20132.*

PoC video

Summary

A vulnerability has been discovered in Microsoft Outlook known as "MonikerLink," which allows an attacker to obtain NTLM hashes and execute arbitrary remote code on a victim machine by exploiting some specially crafted hyperlinks within an email to bypass the protected view of Outlook.

Description

Tags

#Office#NTLM#CVE-2024-21413#Outlook#remote-code-execution

@the0z1

2 posts

Total vcoins

0

Comments (0)